Skip to content
Advertisement

Tag: seccomp

How can I find all syscalls that have to be whitelisted for seccomp?

I have an existing program that I would like to sandbox using seccomp (v2). How can I find what seccomp rules I need to allow for the program? I’ve tried adding seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(…), 0) for all syscalls printed by strace -xfc a.out, but apparently that wasn’t enough, since I’m still getting “SIGSYS, Bad system call” when I run the

Advertisement