crtxcr/exile.h
1
0
Fork 0
Koodi Ongelmat 14 Pull-pyynnöt 1 Julkaisut Wiki Toiminta

Allow adding syscalls by group names #18

Uusi ongelma
Suljettu
2021-09-06 22:35:05 +02:00 avasi crtxcr · 1 comment
crtxcr kommentoi 2021-09-06 22:35:05 +02:00
Omistaja
Kopioi linkki

If you add "open", there is a chance you also want to block "openat"...

So make this easy by allow adding system call by group names to the policy.

Also, maybe take some inspiration from pledge().

If you add "open", there is a chance you also want to block "openat"... So make this easy by allow adding system call by group names to the policy. Also, maybe take some inspiration from pledge().
crtxcr added the
enhancement
 label 2021-09-06 22:35:05 +02:00
crtxcr kommentoi 2021-09-18 22:55:42 +02:00
Tekijä
Omistaja
Kopioi linkki

If there was a kernel update, but no qssb.h update or code is using an outdated verison, new syscalls could have been added that are not in any group yet.

Thus, we may habe to auto blacklist all those that we do not know.

Alternatively, adding syscalls by groups should only be allowed for whitelisting?

If there was a kernel update, but no qssb.h update or code is using an outdated verison, new syscalls could have been added that are not in any group yet. Thus, we may habe to auto blacklist all those that we do not know. Alternatively, adding syscalls by groups should only be allowed for whitelisting?
crtxcr sulki tämän ongelman 2021-11-20 19:52:05 +01:00
Sign in to join this conversation.
Haaraa/tagia ei määritelty
Branchit Tagit
Tunnisteet
Tyhjennä tunnisteet   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

Ei tunnistetta
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Merkkipaalu
Tyhjennä merkkipaalu
Ei kohteita
Ei merkkipaalua
Käsittelijä
Tyhjennä käsittelijä
Ei käsittelijää
1 osallistujaa
Ilmoitukset
Määräpäivä
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

Määräpäivää ei asetettu.

Riippuvuudet

Riippuvuuksia ei asetettu.

Reference: crtxcr/exile.h#18
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?