Date: Sun, 26 Jul 2015 17:33:26 +0100 From: Justin Cormack <justin@...cialbusservice.com> To: musl@...ts.openwall.com Subject: Re: Using direct socket syscalls on x86_32 where available? On 25 July 2015 at 19:35, Szabolcs Nagy <nsz@...t70.net> wrote: > * Andy Lutomirski <luto@...capital.net> [2015-07-25 10:54:28 -0700]: >> If userspace adapts by preferring the direct syscalls when available, >> it'll make it easier for seccomp to filter new userspace programs >> (and, ideally, eventually disallow socketcall for sandbox-aware code). > > btw is there a nice cmdline tool for seccomp now? > > or is the api still manual construction of bpf byte code in c? libseccomp https://github.com/seccomp/libseccomp is the standard library to use (its an Alpine now); there is not a command line tool that I am aware of. Justin
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.