Re: [RFC v2 00/10] Landlock LSM: Unprivileged sandboxing

From: Andy Lutomirski
Date: Thu Aug 25 2016 - 07:28:32 EST


On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün <mic@xxxxxxxxxxx> wrote:
> Hi,
>
> This series is a proof of concept to fill some missing parts of seccomp, such as the
> ability to check syscall argument pointers or to create more dynamic security
> policies. The goal of this new stackable Linux Security Module (LSM) called
> Landlock is to allow any process, including unprivileged ones, to create
> powerful security sandboxes comparable to the Seatbelt/XNU Sandbox or the
> OpenBSD Pledge. This kind of sandbox helps to mitigate the security impact of
> bugs or unexpected/malicious behaviors in userland applications.
>

Maybe I'm missing an obvious description, but: do you have a
description of the eBPF API to landlock? What function do you
provide, when is it called, what functions can it call, what does the
fancy new arraymap do, etc?

--Andy