mirror of https://github.com/omar-polo/gmid.git
tightens seccomp filter: allow only openat(O_RDONLY)
Be stricter and allow an openat only with the O_RDONLY flag. This is somewhat redundant with landlock, but still good to have: landlock is not yet widely available and won't kill the process upon a policy violation; furthermore, landlock can be disabled at boot time. Tested with GNU libc and musl, on Arch and Alpine amd64.
parent
94c5f99ab0
commit
4f0e893cd3
|
@ -354,7 +354,7 @@ static struct sock_filter filter[] = {
|
||||||
SC_ALLOW(oldfstat),
|
SC_ALLOW(oldfstat),
|
||||||
#endif
|
#endif
|
||||||
#ifdef __NR_openat
|
#ifdef __NR_openat
|
||||||
SC_ALLOW(openat),
|
SC_ALLOW_ARG(__NR_openat, 3, O_RDONLY),
|
||||||
#endif
|
#endif
|
||||||
#ifdef __NR_prlimit64
|
#ifdef __NR_prlimit64
|
||||||
SC_ALLOW(prlimit64),
|
SC_ALLOW(prlimit64),
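Review bot: The argument index `3` in `SC_ALLOW_ARG(__NR_openat, 3, O_RDONLY)` looks off by one. openat(2) takes (dirfd, pathname, flags, mode), so if the macro indexes `seccomp_data.args[]` from zero (its definition is outside this hunk, please confirm), the filter compares `mode` rather than `flags`, and a write-mode open would still pass whenever mode happens to be 0. In that case the line should read `SC_ALLOW_ARG(__NR_openat, 2, O_RDONLY),`. Separately, an exact-equality test on flags would reject the `O_RDONLY|O_CLOEXEC` and `O_DIRECTORY` opens that libc issues for fopen/opendir, so the check probably wants to mask with `O_ACCMODE` before comparing. A one-line comment above the entry saying which argument is inspected, and why, would help the next reader; the `filter[]` array continues outside the hunk.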
|
||||||
|
|