Y
Hacker News
new
|
ask
|
show
|
jobs
by
matheusmoreira
1810 days ago
Agreed. We need ways to filter every Linux system call. Not just disallow the system calls themselves. We need the ability to apply policies to parameters and filter I/O in a transparent way.
1 comments
jfrunyon
1810 days ago
https://en.wikipedia.org/wiki/Systrace
https://en.wikipedia.org/wiki/Linux_Security_Modules
link