Discussion:
[libseccomp-discuss] Question about filter based on filename
Cong Zheng
2015-01-31 20:48:48 UTC
Permalink
Hi all,


It's my first time to use libseccomp. My question is how can I use
libseccomp to filter the first parameter (filename) in open() syscall?

Thanks for your help.


- Cong
Paul Moore
2015-02-01 02:15:14 UTC
Permalink
Post by Cong Zheng
Hi all,
It's my first time to use libseccomp. My question is how can I use
libseccomp to filter the first parameter (filename) in open() syscall?
Thanks for your help.
Hello,

First, we've moved this mailing list to Google Groups, you can
subscribe to the new mailing list at the URL below:

* https://groups.google.com/d/forum/libseccomp

Now, as far as filtering the filename argument to open(), while you
can filter on the string's memory address (char *), you unfortunately
can't on the string value itself. This is a limitation of the kernel
and not something we can fix in libseccomp.
--
paul moore
www.paul-moore.com
Loading...