Re: PR_SET_SECCOMP and PR_GET_SECCOMP doc (and bug?)
From: Valdis . Kletnieks
Date: Tue Jun 17 2008 - 12:12:44 EST
On Tue, 17 Jun 2008 15:32:29 +0200, Michael Kerrisk said:
> On Mon, Jun 16, 2008 at 6:25 PM, Andrea Arcangeli <andrea@xxxxxxxxxxxx> wrote:
> > On Mon, Jun 16, 2008 at 02:15:13PM +0200, Michael Kerrisk wrote:
> >> PR_GET_SECCOMP (since Linux 2.6.23)
> >> Return the secure computing mode of the calling thread.
> >> Not very useful: if the caller is not in secure computing
> >> mode, this operation returns 0; if the caller is in secure
> >> computing mode, then the prctl() call will cause a SIGKILL
> >> signal to be sent to the process. This operation is only
> >> available if the kernel is configured with CONFIG_SECCOMP
> >> enabled.
Would it make sense to change the text to read "Not very useful for the
current implementation of mode=1" and/or add that it may be useful for
future modes that allow prctl() modes other than 1?
Attachment:
pgp00000.pgp
Description: PGP signature