diff options
Diffstat (limited to 'src/pseccomp.c')
| -rw-r--r-- | src/pseccomp.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/src/pseccomp.c b/src/pseccomp.c new file mode 100644 index 0000000..0b6ef15 --- /dev/null +++ b/src/pseccomp.c @@ -0,0 +1,26 @@ +#include <sys/prctl.h> +#include <seccomp.h> + +#include "seccomp.h" +#include "log.h" + +static scmp_filter_ctx ctx; + + +int pseccomp_init(void) +{ + //ctx = seccomp_init(SCMP_ACT_ERRNO(EINVAL)); + + return 0; +} + +int pseccomp_set_immutable(void) +{ + if (prctl(PR_SET_DUMPABLE, 0) && + prctl(PR_SET_NO_NEW_PRIVS, 1)) + { + FATAL("%s", "PR_SET_NO_NEW_PRIVS, PR_SET_DUMPABLE"); + } + + return 0; +} |