hing
to be exec'd, so if somehow by Thor's hammer that program escapes it's
sandbox, it will only be able to exec itself. I suppose it will have
to now be restricted to absolute paths only.
Thanks everyone for the clarification!
On Fri, Sep 4, 2015 at 4:01 AM, Kees Cook wrote:
>
Hiyall,
I have created a seccomp white list filter for a program that launches
other less trustworthy programs. It's working great so far, but I
have run into a little roadblock. the launcher program needs to call
execve as it's final step, but that may not be present in the white
list. I am wo
