|
|
Log in / Subscribe / Register

Deferring seccomp decisions to user space

Deferring seccomp decisions to user space

Posted Jun 2, 2018 19:14 UTC (Sat) by smurf (subscriber, #17840)
Parent article: Deferring seccomp decisions to user space

Wouldn't handling of these calls be a whole lot easier if there was a way to tell the monitored program to proceed with the syscall in question? I'd assume that calls like open() or exec() on behalf of the tracee are a major PITA to do correctly – in other words: a security hole in waiting.

to post comments

Deferring seccomp decisions to user space

Posted Jun 2, 2018 20:07 UTC (Sat) by TheJH (subscriber, #101155) [Link]

But doing that reasonably safely (without race conditions) is a big PITA, especially if the sandboxed process is multithreaded. If you look at the path argument of an open() call and use that to determine whether the call should be allowed, it's probably safest to do the actual open() in the supervisor process and then install the resulting FD in the sandboxed process.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds