Hacker News new | ask | show | jobs
by Phelinofist 33 days ago
Could something like this also be done via BPF?
1 comments
ARob109 33 days ago
That’s how this[0] project mitigates e.g. CopyFail.

BPF LSM if you want to return -EPERM.

Or a kprobe that kills the process via bpf_send_signal() if BPF LSM isn’t enabled.

[0] https://github.com/cozystack/copy-fail-blocker#how-it-works

link