On Tue, Jun 16, 2020 at 12:49 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote: > > For systems that provide multiple syscall maps based on architectures > (e.g. AUDIT_ARCH_X86_64 and AUDIT_ARCH_I386 via CONFIG_COMPAT), allow > a fast way to pin the process to a specific syscall mapping, instead of > needing to generate all filters with an architecture check as the first > filter action. Can you allow specification of the reject action? I can see people wanting TRAP instead, for example. _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
