[OpenWrt-Devel] [PATCH procd v2 0/5] jail work

Etienne CHAMPETIER champetier.etienne at gmail.com
Tue Aug 25 19:00:38 EDT 2015

This patch series rework a bit ujail,
and add capabilities support to it

Seccomp filter are very powerful but not totally generic,
each arch can have different set of syscalls,
each libc can use different syscall for the same function,
and seccomp isn't supported on all arch.

Capabilities are more high level, but still can restrict
jail to a sane minimum of privileges.

Patch 4 is a bit big and i can split it if needed, just tell me how

Waiting for your comments
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list