woj/woj-sandbox
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
5fd6b7acda
woj-sandbox/rules/lang_c.c

26 lines
653 B
C
Raw Blame History

#include "../sandbox.h"
#include "lang.h"
#include "rules.h"
#include <seccomp.h>
void setup_lang_c(scmp_filter_ctx ctx) {
int white[] = {
SCMP_SYS(read), SCMP_SYS(write), SCMP_SYS(lseek),
SCMP_SYS(mmap), SCMP_SYS(munmap), SCMP_SYS(getpid),
SCMP_SYS(futex), SCMP_SYS(newfstatat), SCMP_SYS(exit_group),
};
int white_len = sizeof(white) / sizeof(white[0]);
for (int i = 0; i < white_len; i++) {
add_syscall_nr(white[i], ctx, SCMP_ACT_ALLOW);
}
}
struct rule lang_c_rule = {
.name = "lang_c",
.setup = setup_lang_c,
};
void register_lang_c(void) { register_rule(&lang_c_rule); }
Reference in New Issue View Git Blame Copy Permalink