Steven Rostedt wrote:
> On Thu, 2012-01-12 at 17:14 +0100, Oleg Nesterov wrote:
>
> > Maybe this needs something like LSM_UNSAFE_SECCOMP, or perhaps
> > cap_bprm_set_creds() should take seccomp.mode == 2 into account, I dunno.
> >
> > OTOH, currently seccomp.mode == 1 doesn't allow to exec at all.
>
> I've never used seccomp, so I admit I'm totally ignorant on this topic.
>
> But looking at seccomp from the outside, the biggest advantage to this
> would be the ability for normal processes to be able to limit tasks it
> kicks off. If I want to run a task in a sandbox, I don't want to be root
> to do so.
>
> I guess a web browser doesn't perform an exec to run java programs.

Actually it does. Firefox on Linux forks and execs the Java VM. Same for
Flash, using "plugin-container".

> But it would be nice if I could execute something from the command
> line that I could run in a sandbox.

You can do this now, using ptrace(). It's horrible, but half of the
horribleness is needing to understand machine-dependent registers, which
this new patch doesn't address. (The other half is a ton of undocumented
but important ptrace() behaviours on Linux.)

-- 
Jamie
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
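For readers who have not written one, the ptrace()-based sandbox Jamie
describes looks like the following. This is an added example, not code from
Jamie, Steven, Oleg or the seccomp filter patch under discussion. It assumes
Linux on x86-64 or AArch64 with glibc headers; the deny-list (second exec,
sockets, ptrace) and the two commands run from main() are hypothetical demo
choices. It shows both halves of the "horribleness": the syscall number has
to be dug out of an arch-specific register (orig_rax on x86-64, because rax
already holds -ENOSYS at the entry stop; x8 on AArch64), and the tracer has
to know ptrace folklore such as PTRACE_O_TRACESYSGOOD (without it syscall
stops and ordinary SIGTRAPs are indistinguishable) and PTRACE_O_TRACEFORK
(without it, forked children run untraced and fork+exec escapes).

```c
/* Added example, not the thread's code: a minimal ptrace()-based syscall sandbox of
 * the kind Jamie refers to. It stops the child at each syscall entry, reads the
 * syscall number from the machine-dependent register file and SIGKILLs the child
 * when the call is on a small deny-list. Deny-list and commands: hypothetical demo. */
#define _GNU_SOURCE
#include <elf.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/uio.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>
int is_exec(long nr)            /* the first exec seen is the sandboxee's own launch */
{
    return nr == SYS_execve || nr == SYS_execveat;
}
/* Deny-list, 1 = kill. A real sandbox wants an allow-list, but that means listing
 * everything the dynamic loader does at startup; a deny-list keeps the demo short. */
int syscall_blocked(long nr)
{
    switch (nr) {
    case SYS_socket: case SYS_connect: case SYS_bind: case SYS_listen:
    case SYS_accept4: case SYS_ptrace:
        return 1;
    default:
        return is_exec(nr);
    }
}

/* Pure policy, testable without tracing anything: 1 = let it run, 0 = kill. */
int policy_decision(long nr, int execs_so_far)
{
    if (is_exec(nr)) return execs_so_far == 0;
    return !syscall_blocked(nr);
}

/* The machine-dependent half Jamie mentions: which register holds the number. */
static long read_syscall_nr(pid_t pid)
{
    struct user_regs_struct regs;
    struct iovec iov = { .iov_base = &regs, .iov_len = sizeof regs };
    if (ptrace(PTRACE_GETREGSET, pid, (void *)NT_PRSTATUS, &iov) == -1)
        return -1;
#ifdef __aarch64__
    return (long)regs.regs[8];          /* x8 carries the syscall number */
#else
    return (long)regs.orig_rax;         /* x86-64: rax is already -ENOSYS here */
#endif
}

/* Run argv under the policy: exit status, or -1 if killed for a denied call or on
 * error. Forked children are NOT followed (no PTRACE_O_TRACEFORK): fork+exec escapes. */
int run_sandboxed(char *const argv[])
{
    int status, in_syscall = 0, execs_seen = 0, sig = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);
        raise(SIGSTOP);                 /* pause until the tracer has set options */
        execvp(argv[0], argv);
        _exit(127);
    }
    long opts = PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEEXEC | PTRACE_O_EXITKILL;
    if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status) ||
        ptrace(PTRACE_SETOPTIONS, pid, NULL, (void *)opts) == -1)
        return -1;
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) == -1 ||
            waitpid(pid, &status, 0) < 0)
            return -1;
        if (WIFEXITED(status)) return WEXITSTATUS(status);
        if (!WIFSTOPPED(status)) return -1;             /* died from a signal */
        if (WSTOPSIG(status) != (SIGTRAP | 0x80)) {     /* not a syscall stop */
            sig = (status >> 16) == PTRACE_EVENT_EXEC ? 0 : WSTOPSIG(status);
            continue;                   /* swallow the exec notice, forward real signals */
        }
        sig = 0;
        if (!(in_syscall = !in_syscall)) continue;      /* syscall-exit stop: no decision */
        long nr = read_syscall_nr(pid);
        if (!policy_decision(nr, execs_seen)) {
            fprintf(stderr, "sandbox: syscall %ld denied, killing %d\n", nr, (int)pid);
            kill(pid, SIGKILL); waitpid(pid, NULL, 0);  /* kill and reap */
            return -1;
        }
        execs_seen += is_exec(nr);
    }
}

int main(void)
{
    char *ok[]  = { "/bin/echo", "hello from inside the sandbox", NULL };
    char *bad[] = { "/bin/sh", "-c", "exec /bin/true", NULL };
    printf("echo  -> %d\n", run_sandboxed(ok));        /* 0: write() is permitted */
    printf("sh -c -> %d\n", run_sandboxed(bad));       /* -1: second execve denied */
    return 0;
}
```

Build with cc -o ptrace_sandbox ptrace_sandbox.c and run it as an ordinary
user; PTRACE_TRACEME on your own child needs no privilege, which is the
property Steven is after. Note that the tracee only reaches the policy after
its own execve has gone through, so that first exec has to be special-cased,
and that some container runtimes restrict ptrace() entirely. The register
plumbing in read_syscall_nr() is exactly what disappears with a seccomp
filter: the kernel hands the filter the syscall number itself, so no tracer
needs to know which register carries it on which architecture.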