>> If the CONFIG_SECCOMP_FILTER permits fork(), is the seccomp setting
>> inherited across fork()? Similar question for execve().
>
> Yes for both. Additionally, the filters are cumulative. (If the
> filters allows prctl, additional filters can be appended; they are run
> in order until the first n
On Mon, Oct 22, 2012 at 12:34 AM, Michael Kerrisk (man-pages)
wrote:
> Kees,
>
> A couple of questions about SECCOMP_MODE_FILTER.
>
> I added some words that the arg3 is a pointer to 'struct fprog'. Can
> you confirmn that's correct?
Correct. Good idea to add this detail.
> If the CONFIG_SECCOMP
Kees,
A couple of questions about SECCOMP_MODE_FILTER.
I added some words that the arg3 is a pointer to 'struct fprog'. Can
you confirmn that's correct?
If the CONFIG_SECCOMP_FILTER permits fork(), is the seccomp setting
inherited across fork()? Similar question for execve().
Thanks,
Michael
Hello Kees,
On Fri, Sep 21, 2012 at 1:37 AM, Kees Cook wrote:
> This adds a short summary of the arguments used for "mode 2" (BPF)
> seccomp.
Thanks very much. Applied.
Cheers,
Michael
> Signed-off-by: Kees Cook
> ---
> man2/prctl.2 | 40 ++--
> 1 file
This adds a short summary of the arguments used for "mode 2" (BPF)
seccomp.
Signed-off-by: Kees Cook
---
man2/prctl.2 | 40 ++--
1 files changed, 30 insertions(+), 10 deletions(-)
diff --git a/man2/prctl.2 b/man2/prctl.2
index eb53aa8..a44aa32 100644
--- a/
5 matches
Mail list logo
