Date: Fri, 03 Feb 2017 21:13:29 +0000 From: Jessica Frazelle <me@...sfraz.com> To: Vincent Batts <vbatts@...hbangbash.com> Cc: Thomas Garnier <thgarnie@...gle.com>, Kernel Hardening <kernel-hardening@...ts.openwall.com> Subject: Re: Container Hardening Thanks, I'll check it out. On Fri, Feb 3, 2017 at 12:48 PM Vincent Batts <vbatts@...hbangbash.com> wrote: > Jess, > > In the vein of your proposal ( > https://gist.github.com/jessfraz/3a84023ff85471696ee33a20031b9e7b), > there was recently a systemtap (http://sourceware.org/systemtap/) script > written to output some of this data that is not generally accessible > from userspace. > > Will Cohen was nice enough to upload this and a quick write-up on it's > usage. > > https://github.com/wcohen/linux-instrumentation/blob/master/container_check.md > > Where this can show when a "badcap" is encountered, or just to see the > profile of capabilities and syscalls used. > > vb > > > Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.