Re: [RESEND][PATCH] prctl: update seccomp sections for mode 2 (BPF)

From: Michael Kerrisk (man-pages)
Date: Mon Oct 22 2012 - 17:43:36 EST

Next message: Nitin Gupta: "Re: [PATCH] [staging][zram] Fix handling of incompressible pages"
Previous message: Andrew Morton: "Re: [PATCH] MM: Support more pagesizes for MAP_HUGETLB/SHM_HUGETLBv6"
In reply to: Kees Cook: "Re: [RESEND][PATCH] prctl: update seccomp sections for mode 2 (BPF)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> If the CONFIG_SECCOMP_FILTER permits fork(), is the seccomp setting
>> inherited across fork()? Similar question for execve().
>
> Yes for both. Additionally, the filters are cumulative. (If the
> filters allows prctl, additional filters can be appended; they are run
> in order until the first non-allow result is seen.)

Thanks. I'll add some words to the man page.

Cheers,

Michael

--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Author of "The Linux Programming Interface"; http://man7.org/tlpi/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nitin Gupta: "Re: [PATCH] [staging][zram] Fix handling of incompressible pages"
Previous message: Andrew Morton: "Re: [PATCH] MM: Support more pagesizes for MAP_HUGETLB/SHM_HUGETLBv6"
In reply to: Kees Cook: "Re: [RESEND][PATCH] prctl: update seccomp sections for mode 2 (BPF)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]