LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Seccomp filters: permission denied

Seccomp filters: permission denied

Posted May 27, 2011 15:47 UTC (Fri) by nybble41 (subscriber, #55106)
In reply to: Seccomp filters: permission denied by talex
Parent article: Seccomp filters: permission denied

You would also need to disallow absolute paths, or use a chroot--blocking symlinks and '..' in the kernel's path resolver won't prevent an application from resolving the full path internally. The intended use seems more in line with improving the security of applications which are already trusted, as a guard against accidents.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds