analyze-security: do not assign badness to filtered-out syscalls

Fixes #16451, https://bugzilla.redhat.com/show_bug.cgi?id=1856273. (cherry picked from commit 01ecb36) Resolves: RHEL-5991
redhat-plumbers · Oct 20, 2023 · 1d711c5 · 1d711c5
1 parent f4eef0e
commit 1d711c5
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/analyze/analyze-security.c b/src/analyze/analyze-security.c
@@ -549,7 +549,7 @@ static int assess_system_call_filter(
                                 b = 10;
                         } else {
                                 (void) asprintf(&d, "System call blacklist defined for service, and %s is included", f->name);
-                                b = 5;
+                                b = 0;
                         }
                 }
         }