deviloric
/
bubblewrap-scripts
mirror of https://github.com/valoq/bwscripts.git
0
0
Fork 0
Code Releases Activity

revert abstract socket filter

This commit is contained in:
valoq 2022-11-26 11:59:44 +01:00
parent c6f18a5e94
commit 65ae073550
No known key found for this signature in database
GPG Key ID: 19F09A0FB865CBD8
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
exportFilter.c
View File

@ -110,10 +110,11 @@ int main(int argc, char *argv[])
DENY_RULE (vmsplice);
/* filter connect arguments to block communication to abstracte sockets */
if (seccomp_rule_add (ctx, SCMP_ACT_KILL, SCMP_SYS(connect), 1,
/* not working and vulnerable to TOUTOC */
/* if (seccomp_rule_add (ctx, SCMP_ACT_KILL, SCMP_SYS(connect), 1,
SCMP_CMP(1, SCMP_CMP_EQ, '\0')) < 0)
goto out;
*/
/* end of syscall filter list */

BIN
seccomp_filter.bpf
View File

Binary file not shown.