On 04/10/2016 00:56, Kees Cook wrote:
> On Tue, Sep 20, 2016 at 10:08 AM, Mickaël Salaün wrote:
>>
>> On 15/09/2016 11:19, Pavel Machek wrote:
>>> Hi!
>>>
This series is a proof of concept to fill some missing part of seccomp as
the
ability to check syscall argument pointers or cr
On Tue, Sep 20, 2016 at 10:08 AM, Mickaël Salaün wrote:
>
> On 15/09/2016 11:19, Pavel Machek wrote:
>> Hi!
>>
>>> This series is a proof of concept to fill some missing part of seccomp as
>>> the
>>> ability to check syscall argument pointers or creating more dynamic security
>>> policies. The g
On Tue 2016-09-20 19:08:23, Mickaël Salaün wrote:
>
> On 15/09/2016 11:19, Pavel Machek wrote:
> > Hi!
> >
> >> This series is a proof of concept to fill some missing part of seccomp as
> >> the
> >> ability to check syscall argument pointers or creating more dynamic
> >> security
> >> policies
On 15/09/2016 11:19, Pavel Machek wrote:
> Hi!
>
>> This series is a proof of concept to fill some missing part of seccomp as the
>> ability to check syscall argument pointers or creating more dynamic security
>> policies. The goal of this new stackable Linux Security Module (LSM) called
>> Landl
Hi!
> This series is a proof of concept to fill some missing part of seccomp as the
> ability to check syscall argument pointers or creating more dynamic security
> policies. The goal of this new stackable Linux Security Module (LSM) called
> Landlock is to allow any process, including unprivilege
On Tue, Aug 30, 2016 at 12:51 PM, Mickaël Salaün wrote:
>
> On 30/08/2016 18:06, Andy Lutomirski wrote:
>> On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
>>> Hi,
>>>
>>> This series is a proof of concept to fill some missing part of seccomp as
>>> the
>>> ability to check syscall argumen
On 30/08/2016 18:06, Andy Lutomirski wrote:
> On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
>> Hi,
>>
>> This series is a proof of concept to fill some missing part of seccomp as the
>> ability to check syscall argument pointers or creating more dynamic security
>> policies. The goal of
On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
> Hi,
>
> This series is a proof of concept to fill some missing part of seccomp as the
> ability to check syscall argument pointers or creating more dynamic security
> policies. The goal of this new stackable Linux Security Module (LSM) calle
Cc Tejun and the cgroups ML.
On 27/08/2016 17:10, Mickaël Salaün wrote:
> On 27/08/2016 09:40, Andy Lutomirski wrote:
>> On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
>>>
>>> # Sandbox example with conditional access control depending on cgroup
>>>
>>> $ mkdir /sys/fs/cgroup/sandboxed
On 27/08/2016 09:40, Andy Lutomirski wrote:
> On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
>> Hi,
>>
>> This series is a proof of concept to fill some missing part of seccomp as the
>> ability to check syscall argument pointers or creating more dynamic security
>> policies. The goal of
On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
> Hi,
>
> This series is a proof of concept to fill some missing part of seccomp as the
> ability to check syscall argument pointers or creating more dynamic security
> policies. The goal of this new stackable Linux Security Module (LSM) calle
On 25/08/2016 13:05, Andy Lutomirski wrote:
> On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
>> Hi,
>>
>> This series is a proof of concept to fill some missing part of seccomp as the
>> ability to check syscall argument pointers or creating more dynamic security
>> policies. The goal of
On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün wrote:
> Hi,
>
> This series is a proof of concept to fill some missing part of seccomp as the
> ability to check syscall argument pointers or creating more dynamic security
> policies. The goal of this new stackable Linux Security Module (LSM) calle
Hi,
This series is a proof of concept to fill some missing part of seccomp as the
ability to check syscall argument pointers or creating more dynamic security
policies. The goal of this new stackable Linux Security Module (LSM) called
Landlock is to allow any process, including unprivileged ones,
14 matches
Mail list logo
