Ernesto Fernández

> [pid 2026874] newfstatat(5, "", 0x7ffd80399170, AT_EMPTY_PATH) = -1 EPERM (Operation not permitted) Ok, I'm just moving the call to fstat() outside the sandbox. That doesn't carry any risk, and...

> I'm facing the same issue (or at least seems like the same). But I'm on x86_64-linux (NixOS). only --disable-sandbox works Can you run `strace -f rdrview -H 'https://github.com/eafer/rdrview' 2>&1...

> PS: I'm using 7be01fb In that case, I think this issue has already been fixed. Try the current head.

> @eafer tested with rev 444ce3d6efd8989cd6ecfdc0560071b20e622636 and the issue is no longer. I previously hadn't checked if Nix package was up to date, sorry about this. No problem, I'm glad...

Thanks for the patch. What does the zero mean in `SCMP_A2_32(SCMP_CMP_EQ, MADV_DONTNEED, 0)`?

The problem is indeed with the encoding of the document. To handle a new encoding iconv needs to read files from disk, but this is forbidden by the security sandbox....

> And I had never thought about the security implications of parsing eventually "foreign evill" html that you "stuff" into my system. > But that's what "real" browsers have to...

I'm pretty sure the zero is not needed, but I guess it doesn't make any difference so I'll pick it up as is. Thanks again.

@Phantasimay sorry for the long delay, I haven't been paying much attention to rdrview. If you still care about this, I would need to see the url for the page...

I don't mind leaving it open in case other people show up asking for this.