go-seccomp-bpf icon indicating copy to clipboard operation
go-seccomp-bpf copied to clipboard

Published 20 hours ago verified publisher icon elastic

Feature: System Call Argument Filtering

Open andrewkroh opened this issue 7 years ago • 0 comments

Suppose you want allow clone with specific arguments such as CLONE_NEWUSER. To accomplish this we need to add the ability to generate a BPF filter that can check the arguments.

BPF supports several operators: https://godoc.org/golang.org/x/net/bpf#JumpTest

andrewkroh avatar Apr 25 '18 21:04 andrewkroh