[PATCH v7 0/3] Seccomp-assisted syscall filtering
Dmitry V. Levin
ldv at altlinux.org
Wed Sep 25 09:12:35 UTC 2019
On Wed, Sep 25, 2019 at 11:03:32AM +0200, Paul Chaignon wrote:
> On Wed, Sep 25, 2019 at 03:35:52AM +0300, Dmitry V. Levin wrote:
> > On Wed, Sep 25, 2019 at 01:16:37AM +0300, Dmitry V. Levin wrote:
> > > On Tue, Sep 24, 2019 at 08:26:57PM +0200, Paul Chaignon wrote:
> > > > On Tue, Sep 24, 2019 at 09:13:56PM +0300, Dmitry V. Levin wrote:
> > > > > On Mon, Sep 23, 2019 at 02:01:53PM +0200, Paul Chaignon wrote:
> > > >
> > > > [...]
> > > >
> > > > > Thanks, I think this is ready for master.
> > > >
> > > > Great!
> > > >
> > > > > My only reservation is that the name of -n option
> > > > > has no connotation of seccomp-bpf.
> > > >
> > > > I agree. I kept it from the original patchset by lack of a better idea
> > > > only.
> > >
> > > What do you think about introducing --seccomp option instead of -n?
> >
> > Or even --seccomp-bpf, assuming that it can be abbreviated up to --s?
>
> I'm fine with both. I didn't really consider several-letters names, but
> it's probably best given that this is an experimental feature.
There is no support for long options in strace at this moment,
but I think it's long time due.
Given that we have no good ideas for a single-letter option name,
let's introduce long options.
> Are you sure about the --s shortcut though? It's a bit close to the
> existing -s option... Not having a shortcut might be fine if we're going
> to enable seccomp-bpf filtering by default in the future (or if we end up
> removing it).
This is how getopt_long(3) works - it allows abbreviated names for long
options as long as they are not ambiguous.
We are not going to advertise --s, the documentation will describe
--seccomp-bpf, and users will likely choose abbreviated forms like --seccomp.
--
ldv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20190925/b40e911a/attachment.bin>
More information about the Strace-devel
mailing list