On 25/02/15 18:21, Damien Miller wrote: > On Wed, 25 Feb 2015, LABBE Corentin wrote: >> + SC_ALLOW(ioctl), > no, sorry. ioctl is too much attack kernel surface and would defeat the > usefulness of the sandbox. > > -d Labbe, which ioctl is being issued?