seccomp vs ptrace
From: Serge E. Hallyn
Date: Wed Mar 18 2015 - 17:30:14 EST
Hi,
I'm writing to ask about
The seccomp check will not be run again after the tracer is
notified. (This means that seccomp-based sandboxes MUST NOT
allow use of ptrace, even of other sandboxed processes, without
extreme care; ptracers can use this mechanism to escape.)
This basically means that seccomp cannot be safely used with for instance
an upstart based container. I've been told that Andy was working on
changing the order so that ptrace checks would be done before seccomp.
Is there any update on that? Is it likely to happen? Scrapped?
thanks,
-serge
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/