Quoting Paul Moore ([email protected]): > On Friday, July 27, 2012 01:47:44 PM Serge Hallyn wrote: > > Quoting Serge Hallyn ([email protected]): > > ... > > > > > > There have been discussions about disabling certain syscalls, e.g. > > > > execve(), in certain applications, but by default the kernel doesn't > > > > disallow any syscalls neither does libseccomp. The only things that > > > > libseccomp does by default is set the no_new_privs prctl() flag and > > > > verify that you are not trying to run a non-native binary. Both are > > > > tunable using the > > > > seccomp_attr_{get,set}() functions, but it doesn't sound like that it > > > > your > > > > > > Ah, that's good to know, I'll definately need to use that (lxc seccomp > > > patch is what I'm really working on). > > > > That was the problem. I haven't looked back at the kernel code, but when > > I do seccomp_attr_set(SCMP_FLTATR_CTL_NNP, 0); then it works. I remember > > a patch going in about apparmor denying somethingorother with NNP, I must > > have run into that. > > > > Thanks! > > Great, glad to hear you found the problem. > > Also, just a heads-up for the lxc patch in case you missed it earlier this > week, we're changing the API in the next release to include a filter > context/handle.
Yup, I'm only doing a proof of concept this week. In 2-3 weeks I'll try to get something packageable and upstreamable, maybe the new API will be packaged by then. thanks, -serge ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ libseccomp-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libseccomp-discuss
