The inherent fragility of seccomp()
The inherent fragility of seccomp()
Posted Dec 11, 2017 7:14 UTC (Mon) by mjg59 (subscriber, #23239)In reply to: The inherent fragility of seccomp() by roc
Parent article: The inherent fragility of seccomp()
Not necessarily - in combination with an LSM policy you could restrict which things can be execve()ed. But the fact that all of these security features are effectively orthogonal makes it pretty hard to write an overarching policy.