This patch series rework a bit ujail, and add capabilities support to it Seccomp filter are very powerful but not totally generic, each arch can have different set of syscalls, each libc can use different syscall for the same function, and seccomp isn't supported on all arch.
Capabilities are more high level, but still can restrict jail to a sane minimum of privileges. Patch 4 is a bit big and i can split it if needed, just tell me how Waiting for your comments Etienne _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
