Closed Foosec closed 2 years ago
It's expected behaviour
man 3 seccomp_rule_add
:
RETURN VALUE
-EACCCES The rule conflicts with the filter (for example, the rule action equals the default action of the filter).
EACCES
is 13
Thank you! Not sure how i missed that one.
The above code only seems to error on adding the second rule, when seccomp_init doesn't use SCMP_ACT_NOTIFY or SCMP_ACT_ALLOW, for example setting it to SCMP_ACT_LOG proceeds without issue.
Hopefully im not missing some intended behaviour here.
The output of the above code is :