{"id":5819,"date":"2014-04-07T09:29:30","date_gmt":"2014-04-07T09:29:30","guid":{"rendered":"https:\/\/unknownerror.org\/index.php\/2014\/04\/07\/problem-about-seccomp-collection-of-common-programming-errors\/"},"modified":"2014-04-07T09:29:30","modified_gmt":"2014-04-07T09:29:30","slug":"problem-about-seccomp-collection-of-common-programming-errors","status":"publish","type":"post","link":"https:\/\/unknownerror.org\/index.php\/2014\/04\/07\/problem-about-seccomp-collection-of-common-programming-errors\/","title":{"rendered":"problem about seccomp-Collection of common programming errors"},"content":{"rendered":"<ul>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/826414ac201fd420f7e74f73c7c3f937?s=32&amp;d=identicon&amp;r=PG&amp;f=1\" \/><br \/>\nAlice Cruel<br \/>\nlinux security kernel syscall seccomp<br \/>\nI&#8217;m a Linux Kernel newbie.I&#8217;m investigating the implementation detail of seccomp-bpf, the syscall filtration mechanism that was introduced into Linux since version 3.5. I looked into the source code of kernel\/seccomp.c from Linux 3.10 and want to ask some questions about it.From seccomp.c, it seems that seccomp_run_filters() is called from __secure_computing() to test the syscall called by the current process. But looking into seccomp_run_filters(), the syscall number that is passed as an argume<\/li>\n<li><img decoding=\"async\" src=\"http:\/\/www.gravatar.com\/avatar\/216c1db53d752f87dd8176a6ba0c2190?s=32&amp;d=identicon&amp;r=PG\" \/><br \/>\nKeith Thompson<br \/>\nc linux gcc malloc seccomp<br \/>\nI would like to execute arbitrary (potentially dangerous) binaries on my server. Therefore, I have used objcopy to rename the &#8220;main&#8221; symbol to &#8220;other_main&#8221; so that I could link in my own small main function that sets an appropriate value for RLIMIT_CPU and toggles the SECCOMP flag before calling other_main. I am quite happy with this solution so far.The problem now is, that the 3rd party program code might contain some calls to malloc that might kill the program instantly (sbrk isn&#8217;t allowed). T<\/li>\n<\/ul>\n<p>Web site is in building<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Alice Cruel linux security kernel syscall seccomp I&#8217;m a Linux Kernel newbie.I&#8217;m investigating the implementation detail of seccomp-bpf, the syscall filtration mechanism that was introduced into Linux since version 3.5. I looked into the source code of kernel\/seccomp.c from Linux 3.10 and want to ask some questions about it.From seccomp.c, it seems that seccomp_run_filters() is [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5819","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/5819","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=5819"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/5819\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=5819"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=5819"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=5819"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}