Am 12.11.2012 20:48, schrieb Eduardo Otubo: > Now the seccomp filter will be set to "on" even if no argument > "-sandbox" is given. > > v3: * Introduced seccomp_states enum and new functions named > seccomp_set_state() and seccomp_get_state() > (pbonz...@redhat.com). > * Merged seccomp_start() and install_seccomp_filter(), > moved install_seccomp_filter() to qemu-seccomp.c, > and renamed it. > * Moved CONFIG_SECCOMP pre-processor checks from Makefile.objs > to qemu-seccomp.c. > * Replace qerror_report with fprintf(stderr, "..") in main() > (lcapitul...@redhat.com). > > Note: This support requires libseccomp. If you don't have access > to libseccomp packages, you can manually build with the following > steps: > > 1) git clone git://git.code.sf.net/p/libseccomp/libseccomp > 2) cd libseccomp > 3) ./configure > 4) make > 5) make install > 6) export PKG_CONFIG_PATH="/usr/local/lib/pkgconfig/"
To my understanding libseccomp specifically filters Linux syscalls, no? Are you positive that building and enabling this by default works with mingw32, bsd, darwin, etc. and makes sense? Regards, Andreas -- SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
