>> If the CONFIG_SECCOMP_FILTER permits fork(), is the seccomp setting >> inherited across fork()? Similar question for execve(). > > Yes for both. Additionally, the filters are cumulative. (If the > filters allows prctl, additional filters can be appended; they are run > in order until the first non-allow result is seen.) Thanks. I'll add some words to the man page. Cheers, Michael -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Author of "The Linux Programming Interface"; http://man7.org/tlpi/ -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
