[OpenWrt-Devel] [PATCH procd v2 0/5] jail work
champetier.etienne at gmail.com
Tue Aug 25 19:00:38 EDT 2015
This patch series rework a bit ujail,
and add capabilities support to it
Seccomp filter are very powerful but not totally generic,
each arch can have different set of syscalls,
each libc can use different syscall for the same function,
and seccomp isn't supported on all arch.
Capabilities are more high level, but still can restrict
jail to a sane minimum of privileges.
Patch 4 is a bit big and i can split it if needed, just tell me how
Waiting for your comments
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel