Questions tagged [seccomp]
8 questions
16
votes
2 answers
Docker: when to use apparmor vs seccomp vs --cap-drop
Docker seems to support both apparmor and seccomp. Docker also allows dropping capabilities when running a container.
However I couldn't find any documentation or guideline on when to use which approach.
There seems to be a significant overlap in…
JackDaniels
- 261
- 2
- 5
11
votes
2 answers
Difference between Linux capabilities and seccomp
I know seccomp (secure computing) is a way to restrict a process from making particular system calls.
While Linux capabilities provide a way to give privileges to a specific user or process.
So if I want to disable a process from making raw network…
mchawre
- 213
- 2
- 7
7
votes
2 answers
Opt-in a security profile at runtime, without tedious setup
I like lowering my access privilege mid-program (e.g. restrict my program to the current directory and files, disable networking). I imagine this is a pretty common wish.
I would like to be able to do this as a normal user, without the involvement…
fluxrider
- 171
- 2
3
votes
1 answer
Why am I unable to execute insmod on the docker container?
I have started an unprivileged docker container and am trying to start the privileged exec session. It has CAP_SYS_MODULE capabilities, but still, I am getting operations not permitted in insmod.
docker start -it -d --name test ubuntu
docker exec -it…
tbhaxor
- 131
- 3
2
votes
1 answer
What additional protection does seccomp provide when compared to capabilities?
From this answer I understand that seccomp-bpf filters the list of syscalls a process can call.
Similarly, the capabilities mechanism will cause a syscall to fail if the caller does not have the capability necessary for that syscall.
What I want to…
inorik
- 197
- 5
2
votes
1 answer
Is it possible to use systemd seccomp filtering for running applications from command line?
Example systemd unit file, what I mean by…
adrelanos
- 680
- 7
- 21
0
votes
0 answers
How to dump the input of a seccomp BPF filter?
I am writing a program that creates BPF seccomp filters. These filters are supposed to check syscalls and their arguments against predefined allowed values. The logic to check the syscall by its number works as expected. However, the logic to filter…
inorik
- 197
- 5
0
votes
2 answers
Syscalls are disabled with seccomp. What attacks are still possible? How to prevent them?
I want to run a piece of untrusted code on my machine.
I've disabled all syscalls (besides exit, sigreturn, read and write) with seccomp for a process. Now, I'd like to spawn a child process that will execute the untrusted code.
What attacks are…
John Smith
- 357
- 2
- 6