[PATCH v6 1/3] Introduce seccomp-assisted syscall filtering
Dmitry V. Levin
ldv at altlinux.org
Sun Sep 22 21:22:09 UTC 2019
On Mon, Sep 23, 2019 at 12:00:54AM +0300, Dmitry V. Levin wrote:
> On Sun, Sep 22, 2019 at 10:13:29PM +0200, Paul Chaignon wrote:
[...]
> > + if (seccomp_filtering) {
> > + if ((opt_p && !argc) || debug_flag)
>
> I think we can avoid introducing opt_p and check nprocs instead.
>
> > + error_msg("-n is ineffective on processes attached with -p");
>
> It's not just ineffective, it's not enabled for these processes.
Looks like it makes sense to print diagnostics regardless of argc and
debug_flag.
--
ldv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20190923/c551f295/attachment.bin>
More information about the Strace-devel
mailing list