On 02/15/2017 09:14 PM, Andy Lutomirski wrote:
> On Mon, Feb 13, 2017 at 7:45 PM, Tyler Hicks
> <tyhicks(a)canonical.com> wrote:
> > This patch creates a read-only sysctl containing an ordered list of
> > seccomp actions that the kernel supports. The ordering, from left to
> > right, is the lowest action value (kill) to the highest action value
> > (allow). Currently, a read of the sysctl file would return "kill trap
> > errno trace allow". The contents of this sysctl file can be useful for
> > userspace code as well as the system administrator.
>
> Would this make more sense as a new seccomp(2) mode a la
> SECCOMP_HAS_ACTION? Then sandboxy things that have no fs access could
> use it.
It would make sense for code that needs to check which actions are
available. It wouldn't make sense for administrators that need to check
which actions are available unless libseccomp provided a wrapper utility.
Is this a theoretical concern or do you know of a sandboxed piece of
code that cannot access the sysctl before constructing a seccomp filter?
Tyler
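Added illustration of the sysctl format discussed in the thread (not code from the patch or from either poster): a small C parser for the space-separated action list that also verifies the ascending-value ordering the patch describes, and a helper a filter builder can call to confirm an action is listed before using it. The SECCOMP_RET_* values are copied from linux/seccomp.h so the file builds anywhere; the sysctl's path is not given in this excerpt, so the already-read file contents are passed in as a string.

```c
#include <stddef.h>
#include <string.h>

struct action { const char *name; unsigned value; };

/* Name-to-value table, values as in linux/seccomp.h (kill lowest, allow highest). */
static const struct action known[] = {
    { "kill",  0x00000000U },  /* SECCOMP_RET_KILL  */
    { "trap",  0x00030000U },  /* SECCOMP_RET_TRAP  */
    { "errno", 0x00050000U },  /* SECCOMP_RET_ERRNO */
    { "trace", 0x7ff00000U },  /* SECCOMP_RET_TRACE */
    { "allow", 0x7fff0000U },  /* SECCOMP_RET_ALLOW */
};

/* Look up an action name; returns 0 on success, -1 if the name is unknown. */
static int action_value(const char *name, unsigned *value)
{
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++)
        if (strcmp(known[i].name, name) == 0) { *value = known[i].value; return 0; }
    return -1;
}

/* Parse sysctl contents such as "kill trap errno trace allow\n" into out[].
 * Names this table does not know (a newer kernel may add some) are skipped so
 * they cannot break an older consumer. Returns the number of known actions
 * stored, or -1 if the text is too long, exceeds max entries, or the known
 * actions are not in ascending value order as the patch guarantees. */
int parse_actions_avail(const char *text, unsigned *out, size_t max)
{
    char buf[256];
    size_t n = 0;
    unsigned prev = 0;
    if (strlen(text) >= sizeof buf) return -1;
    strcpy(buf, text);
    for (char *tok = strtok(buf, " \n"); tok; tok = strtok(NULL, " \n")) {
        unsigned v;
        if (action_value(tok, &v) < 0) continue;        /* unknown: ignore */
        if (n == max || (n > 0 && v <= prev)) return -1; /* overflow or misordered */
        out[n++] = v;
        prev = v;
    }
    return (int)n;
}

/* Convenience wrapper: number of known actions, or -1 on malformed input. */
int count_actions(const char *text)
{
    unsigned list[16];
    return parse_actions_avail(text, list, 16);
}

/* 1 if the named action is listed, 0 if absent, unknown, or the text is malformed. */
int action_available(const char *text, const char *name)
{
    unsigned v, list[16];
    int n = parse_actions_avail(text, list, 16);
    if (n < 0 || action_value(name, &v) < 0) return 0;
    for (int i = 0; i < n; i++) if (list[i] == v) return 1;
    return 0;
}
```

A filter builder would read the sysctl once, call action_available() for the return action it intends to use (for example "errno"), and fall back to an action the list does contain rather than installing a filter the running kernel cannot honour.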