On Thu, May 26, 2016 at 12:49:13AM -0700, Dan Kaminsky wrote:
> So I'm curious. There is another option -- seccomp-bpf can trap on
> arbitrary syscalls. Is there a reason anyone sees why UML couldn't be
> routed through it?
You need to be able to annull system calls. Dunno if seccomp can do
that, but if it can, as well as read them out which I assume it can,
you're golden.
Jeff
--
Jeff Dike
AddToIt
978-254-0789 (o)
978-394-8986 (c)
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
User-mode-linux-user mailing list
User-mode-linux-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
