On Wed, Mar 23, 2016 at 6:46 PM, Mickaël Salaün <mic@xxxxxxxxxxx> wrote: > Hi, > > This series is a proof of concept (not ready for production) to extend seccomp > with the ability to check argument pointers of syscalls as kernel object (e.g. > file path). This add a needed feature to create a full sandbox managed by > userland like the Seatbelt/XNU Sandbox or the OpenBSD Pledge. It was initially > inspired from a partial seccomp-LSM prototype [1] but has evolved a lot since :) This is interesting! I'd really like to get argument inspection working. I'm going to spend some time examining this series more closely, but my initial reaction is that I'm suspicious of the ToCToU checking -- I'd rather there be no race at all. As for the bug-fixes, I'll get those pulled in now. Thanks! -Kees -- Kees Cook Chrome OS & Brillo Security -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
