Unprivileged BPF and authoritative security hooks
Unprivileged BPF and authoritative security hooks
Posted Apr 29, 2023 22:39 UTC (Sat) by rcampos (subscriber, #59737)Parent article: Unprivileged BPF and authoritative security hooks
Seccomp notify (notify to a user space agent when a sus all is done) wouldn't be useful here?
I mean, the agent can execute the syscall in behalf of the unprivileged process if it deems it safe to do so. The process has no privileges nor capabilities.
Or going to user space is too slow for this use case?