PostgreSQL considers seccomp() filters
PostgreSQL considers seccomp() filters
Posted Oct 2, 2019 10:51 UTC (Wed) by brauner (subscriber, #109349)In reply to: PostgreSQL considers seccomp() filters by mjg59
Parent article: PostgreSQL considers seccomp() filters
Hm, we discussed this at KSummit and I'm not sure seccomp is the right tool for this.
Not without introducing all kinds of races or moving that part of seccomp into it's own LSM which has it's own problems.
In general path-based filtering seems LSM territory.
However, we intend to bring aspects of deep argument inspection to seccomp eventually.
Not without introducing all kinds of races or moving that part of seccomp into it's own LSM which has it's own problems.
In general path-based filtering seems LSM territory.
However, we intend to bring aspects of deep argument inspection to seccomp eventually.