How can I find all syscalls that have to be whitelisted for seccomp?


How can I find all syscalls that have to be whitelisted for seccomp?



I have an existing program that I would like to sandbox using seccomp (v2).



How can I find what seccomp rules I need to allow for the program?



I've tried adding seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(…), 0) for all syscalls printed by strace -xfc a.out, but apparently that wasn't enough, since I'm still getting "SIGSYS, Bad system call" when I run the program with seccomp.


seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(…), 0)


strace -xfc a.out




1 Answer
1



Probably the most reliable way is to switch your seccomp filter to return SECCOMP_RET_TRAP ("send catchable SIGSYS on error") rather than SECCOMP_RET_KILL ("kill the process with an uncatchable SIGSYS"), then print the siginfo_t from the signal handler, then commit suicide.


SECCOMP_RET_TRAP


SIGSYS


SECCOMP_RET_KILL


SIGSYS


siginfo_t





Is that equivalent to scmp_filter_ctx ctx = seccomp_init(SCMP_ACT_TRAP);?
– Kornel
Jul 1 at 17:03


scmp_filter_ctx ctx = seccomp_init(SCMP_ACT_TRAP);





Yes, that's one of the C-level libraries; I was answering at the syscall level since that's the same.
– o11c
Jul 1 at 20:56






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

-

Popular posts from this blog

How to make file upload 'Required' in Contact Form 7?

How to make file upload 'Required' in Contact Form 7? I have a Contact Form 7 form on my Wordpress website and I have specified that the file upload is mandatory by putting a * , however the users are able to submit the form without file upload. * Relevant Contact Form 7 form is given below: <div class="filelink">[file* AddanImage filetypes:gif|png|jpg|jpeg]</div> How do I write the Contact Form 7 code or add a validation perhaps so that the users are not able to submit the form without uploading an image? Any hints/help/guidance is highly appreciated. Have you check doc - contactform7.com/file-uploading-and-attachment – Mukesh Panchal Jun 30 at 8:38 @MukeshPanchal I have and the code complies with the documentation – Hamza Ahmad Jul 1 at 10:44
Read more

Rothschild family

Image
"House of Rothschild" redirects here. For the film, see The House of Rothschild. For other uses, see Rothschild (disambiguation). Rothschild Jewish noble banking family Coat of arms granted to the Barons Rothschild in 1822 by Emperor Francis I of Austria Ethnicity Jewish Current region Western Europe (mainly United Kingdom, France, and Germany) [1] Etymology Rothschild (German): "red shield" Place of origin Frankfurter Judengasse, Frankfurt, Holy Roman Empire Founded 1760s (1577  ( 1577 ) ) Founder Mayer Amschel Rothschild (1744–1812) (Elchanan Rothschild, b. 1577) Titles List Freiherr von Rothschild (1822) Baronet, of Tring Park (1847) Baron Rothschild (1885) Traditions Judaism, Goût Rothschild Motto Concordia, Integritas, Industria (English: Harmony, Integrity, Industry ) Estate(s) List British properties Château de Ferrières Palais Rothschild Cadet branches List Austrian branch English branch French branch Neapolitan branch A Rothschild house, Wadd
Read more

amazon EC2 - How to make wp-config.php to writable?

Image
amazon EC2 - How to make wp-config.php to writable? I'm using Amazon EC2 with Bitnami wordpress. I recently tried to use plugins, they install and activate well, but there are still errors. Those errors look like permission errors. Also, perhaps, how to make the whole wordpress directory writable? I'm only accessing through SSH. Some of the errors: "A definition of a siteurl or homeurl was detected in your wp-config.php, but the file is not writable. Set your wp-config.php to writable and reload this page." From W3 total Cache: Please add the error messages you get back. – Damien Feb 8 '17 at 12:42 one is: " A definition of a siteurl or homeurl was detected in your wp-config.php, but the file is not writable. Set your wp-config.php to writable and reload this page."
Read more