snapshot: adding unlinkat to seccomp

Author: ibhatt-jumptrading

src/app/firedancer/config/default.toml

@@ -1489,7 +1489,7 @@ user = ""
     #
     # In development, you can disable the sandbox for testing and
     # debugging with the `--no-sandbox` argument to `firedancer-dev`.
-    sandbox = false
+    sandbox = true
 
     # As part of the security sandboxing, Firedancer will run every tile
     # in a separate process.  This can be annoying for debugging where

src/disco/topo/fd_topo_run.c

@@ -105,7 +105,7 @@ fd_topo_run_tile( fd_topo_t *          topo,
   }
 
 
-  struct sock_filter seccomp_filter[ 128UL ];
+  struct sock_filter seccomp_filter[ 256UL ];
   ulong seccomp_filter_cnt = 0UL;
   if( FD_LIKELY( tile_run->populate_allowed_seccomp ) ) {
     seccomp_filter_cnt = tile_run->populate_allowed_seccomp( topo,

src/discof/restore/fd_snaprd_tile.seccomppolicy

@@ -127,5 +127,13 @@ setsockopt: (and (not (or (eq (arg 0) 2)
 renameat: (and (eq (arg 0) dir_fd)
                (eq (arg 2) dir_fd))
 
+# snapshot: the temporary snapshot files are unlinked if just local
+# snapshot directories are loaded in.
+#
+# arg 0 is the file descriptor for the directory that the temporary
+# files are located in
+unlinkat: (and (eq (arg 0) dir_fd)
+               (eq (arg 2) 0))
+
 # shutdown: exit is called on shutdown
 exit: (eq (arg 0) 0)