seccomp-bpf to block callback shellcode

samuraictf / gatekeeper

GATEKEEPER: Inline and on-target defense

119 stars 15 forks source link

Closed bool101 closed 9 years ago

bool101 commented 9 years ago

seccomp-bpf filters are inherited by child processes. We can block system calls to connect(), sendto(), sendfile(), and others.

bool101 commented 9 years ago

merged no_network code from ebeip90 branch, completed