The inherent fragility of seccomp()
The inherent fragility of seccomp()
Posted Nov 11, 2017 1:45 UTC (Sat) by pkern (subscriber, #32883)In reply to: The inherent fragility of seccomp() by juliank
Parent article: The inherent fragility of seccomp()
Well, systemd does that: https://www.freedesktop.org/software/systemd/man/systemd....
At the same time as stated in the original post AppArmor also leaks the details of the libraries an application loads into the profiles. Or if they exec something you need to account for whatever the exec'ed app does.