Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the secc

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the secc

From:	namnamc
Subject:	Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the seccomp sandbox
Date:	Fri, 2 Oct 2015 00:17:53 -0000

> Should it enable seccomp a bit later?

Ideally it should be enabled as late as possible, right before the main loop,
because here's no reason to whitelist syscalls that are only ever needed to
start QEMU up (e.g. chroot, which is only used before the guest even boots).
But for now, the simplest solution to the -chroot and -runas issue I can
think
of is to enable those syscalls in my patch.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the seccomp sandbox, namnamc <=
- Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the seccomp sandbox, namnamc, 2015/10/09
  - Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the seccomp sandbox, Markus Armbruster, 2015/10/09
    - Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the seccomp sandbox, Eduardo Otubo, 2015/10/10

Prev by Date: Re: [Qemu-devel] [PATCH 3/5] qga: guest exec functionality
Next by Date: Re: [Qemu-devel] [PATCH v2 4/4] tests: add a local test for guest agent
Previous by thread: Re: [Qemu-devel] [PATCH v2 4/4] tests: add a local test for guest agent
Next by thread: Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -chroot to the seccomp sandbox
Index(es):
- Date
- Thread