On Tue, Aug 14, 2012 at 7:03 PM, Kushan Sharma <mlkus...@gmail.com> wrote: > Hello, > > Thanks a lot and I highly appreciate your support. After carefully going > through the libseccomp documentation, I was able to write c shell that > allows only defined set of syscalls. Allowed set of syscalls are defined > withing the c program using seccomp_rule_add() function. To define a new > syscall to the list of allowed system calls, I needs to modify the c code. > > I am currently searching for a method to dynamically define syscalls for the > list of allowed syscalls. If your can suggest me a method to develop a > syscall policy based solution, that would be greatly appreciated. >
Something similar to what you want was done by systemd. Maybe you should give a look at the sources. http://lwn.net/Articles/507067/ Cheers, ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ libseccomp-discuss mailing list libseccomp-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libseccomp-discuss
