problem about seccomp-Collection of common programming errors

• 
  Alice Cruel
  linux security kernel syscall seccomp
  I’m a Linux Kernel newbie.I’m investigating the implementation detail of seccomp-bpf, the syscall filtration mechanism that was introduced into Linux since version 3.5. I looked into the source code of kernel/seccomp.c from Linux 3.10 and want to ask some questions about it.From seccomp.c, it seems that seccomp_run_filters() is called from __secure_computing() to test the syscall called by the current process. But looking into seccomp_run_filters(), the syscall number that is passed as an argume
• 
  Keith Thompson
  c linux gcc malloc seccomp
  I would like to execute arbitrary (potentially dangerous) binaries on my server. Therefore, I have used objcopy to rename the “main” symbol to “other_main” so that I could link in my own small main function that sets an appropriate value for RLIMIT_CPU and toggles the SECCOMP flag before calling other_main. I am quite happy with this solution so far.The problem now is, that the 3rd party program code might contain some calls to malloc that might kill the program instantly (sbrk isn’t allowed). T

Web site is in building