path: root/kernel
diff options
authorTycho Andersen <>2018-12-09 11:24:14 -0700
committerKees Cook <>2018-12-11 16:32:11 -0800
commitfec7b6690541b8128663a13c9586b1daf42b0a6c (patch)
treec5f07046f22b36ef62ff7cc02511acd0ace8ce9f /kernel
parent6a21cc50f0c7f87dae5259f6cfefe024412313f6 (diff)
samples: add an example of seccomp user trap
The idea here is just to give a demonstration of how one could safely use the SECCOMP_RET_USER_NOTIF feature to do mount policies. This particular policy is (as noted in the comment) not very interesting, but it serves to illustrate how one might apply a policy dodging the various TOCTOU issues. Signed-off-by: Tycho Andersen <> CC: Kees Cook <> CC: Andy Lutomirski <> CC: Oleg Nesterov <> CC: Eric W. Biederman <> CC: "Serge E. Hallyn" <> CC: Christian Brauner <> CC: Tyler Hicks <> CC: Akihiro Suda <> Signed-off-by: Kees Cook <>
Diffstat (limited to 'kernel')
0 files changed, 0 insertions, 0 deletions