Allow adding syscalls by group names #18
برچسبها
بدون برچسب
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
بدون نقطه عطف
بدون تخصیص
1 مشارکت کننده
اعلانها
موعد مقرر
هیچ موعد مقرری ثبت نشده.
وابستگی ها
No dependencies set.
Reference: crtxcr/exile.h#18
بارگذاری…
مرجع در شماره جدید
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
If you add "open", there is a chance you also want to block "openat"...
So make this easy by allow adding system call by group names to the policy.
Also, maybe take some inspiration from pledge().
If there was a kernel update, but no qssb.h update or code is using an outdated verison, new syscalls could have been added that are not in any group yet.
Thus, we may habe to auto blacklist all those that we do not know.
Alternatively, adding syscalls by groups should only be allowed for whitelisting?