kore/misc at 8bbdaedf947a1ae18d1a3ce29ddace6cf20f17eb - kore

mirror of https://git.kore.io/kore.git synced 2024-11-11 12:49:32 +01:00

History

Joris Vink 8bbdaedf94 Allow configuring seccomp on Linux via the python api. A new hook in the koreapp class is called right before seccomp is enabled. This hook receives a Kore seccomp object which has the following methods: seccomp.allow("syscall") seccomp.allow_arg("syscall", arg, value) seccomp.allow_flag("syscall", arg, flag) seccomp.allow_mask("syscall", arg, mask) seccomp.deny("syscall") seccomp.deny_arg("syscall", arg, value, errno=EACCES) seccomp.deny_flag("syscall", arg, flag, errno=EACCES) seccomp.deny_mask("syscall", arg, mask, errno=EACCES) This allows you to finetune the seccomp filters for your application from inside your koreapp.	2019-10-04 10:59:48 +02:00
..
linux-platform.sh	Allow configuring seccomp on Linux via the python api.	2019-10-04 10:59:48 +02:00

Joris Vink 8bbdaedf94 Allow configuring seccomp on Linux via the python api.

A new hook in the koreapp class is called right before seccomp
is enabled. This hook receives a Kore seccomp object which has
the following methods:

	seccomp.allow("syscall")
	seccomp.allow_arg("syscall", arg, value)
	seccomp.allow_flag("syscall", arg, flag)
	seccomp.allow_mask("syscall", arg, mask)

	seccomp.deny("syscall")
	seccomp.deny_arg("syscall", arg, value, errno=EACCES)
	seccomp.deny_flag("syscall", arg, flag, errno=EACCES)
	seccomp.deny_mask("syscall", arg, mask, errno=EACCES)

This allows you to finetune the seccomp filters for your application
from inside your koreapp.

2019-10-04 10:59:48 +02:00

linux-platform.sh

Allow configuring seccomp on Linux via the python api.

2019-10-04 10:59:48 +02:00