Re: [patch] let CONFIG_SECCOMP default to n

From: Bodo Eggert
Date: Mon Jul 17 2006 - 07:41:53 EST

Ingo Molnar <mingo@xxxxxxx> wrote:
> * Jeff Dike <jdike@xxxxxxxxxxx> wrote:

>> Now, there were a couple of ways to legitimately escape from UML, and
>> they *did* involve ptrace. Things like single-stepping a system call
>> instruction or putting a breakpoint on a system call instruction and
>> single-stepping from the breakpoint. As far as I know, these were
>> discovered and fixed by UML developers before there was any outside
>> awareness of these bugs.
> also, UML 'ptrace clients' are allowed alot more leeway than what a
> seccomp-alike ptrace/utrace based syscall filter would allow. It would
> clearly exclude activities like 'setting a breakpoint' or
> 'single-stepping' - valid syscalls would be limited to
> read/write/sigreturn/exit.

So instead of breakpointing (using int3), you'd have to write
'mv flag I_AM_HERE;self:jmp self' and resort to polling?
This would not prevent (ab)use except for some corner cases.
Ich danke GMX dafür, die Verwendung meiner Adressen mittels per SPF
verbreiteten Lügen zu sabotieren.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at