Re: [PATCH v28 08/12] landlock: Add syscall implementations

On Tue, Feb 02, 2021 at 05:27:06PM +0100, Mickaël Salaün wrote: > From: Mickaël Salaün > > These 3 system calls are designed to be used by unprivileged processes > to sandbox themselves: > * landlock_create_ruleset(2): Creates a ruleset and returns its file > descriptor. > * landlock_add_rule(2

[PATCH v28 08/12] landlock: Add syscall implementations

From: Mickaël Salaün These 3 system calls are designed to be used by unprivileged processes to sandbox themselves: * landlock_create_ruleset(2): Creates a ruleset and returns its file descriptor. * landlock_add_rule(2): Adds a rule (e.g. file hierarchy access) to a ruleset, identified by the