@zyga those are both good questions.

- Detection functionality is included in kernel patches. There's a new
seccomp(2) operation to check if the log action is available and an
added test to ensure that there's a certain combination of valid/invalid
seccomp(2) arguments that can be used to detect if the log filter flag
is available. Both of these checks will be embedded into libseccomp and
the checks will be carried out when the calling code specifies actions
and filter flags.

- Making the necessary libseccomp-golang changes is something that I
plan to do. I need to hear back from the libseccomp PR first and then
will proceed to make the libseccomp-golang changes that match the
libseccomp changes.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1567597

Title:
  implement 'complain mode' in seccomp for developer mode with snaps

To manage notifications about this bug go to:
https://bugs.launchpad.net/snappy/+bug/1567597/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to