analyze-security: do not assign badness to filtered-out syscalls

Fixes #16451, https://bugzilla.redhat.com/show_bug.cgi?id=1856273.
2020-08-01 11:28:09 +02:00 · 2020-08-01 11:28:09 +02:00 · 01ecb3674a
parent c2cfb12641
commit 01ecb3674a
1 changed files with 1 additions and 1 deletions
--- a/src/analyze/analyze-security.c
+++ b/src/analyze/analyze-security.c
@ -566,7 +566,7 @@ static int assess_system_call_filter(
                                b = 10;
                        } else {
                                (void) asprintf(&d, "System call deny list defined for service, and %s is included", f->name);
-                                b = 5;
+                                b = 0;
                        }
                }
        }