Wei
we3i
Involved Projects and Packages
Maintainer
Maintainer
Develop the applications with landlock support. Landlock is a subsystem implemented in LSM for creating security sandbox. https://landlock.io/. It adds a new security layer in addition to the existing discretionary Access Control (DAC) and Mandatory Access Controls (MAC) mechanisms.
Also, vanilla kernel is included in which the landlock option in kconfig is enabled by default.
Maintainer
An OCI hook to generate seccomp profiles by tracing the syscalls made by the container. The generated profile would allow all the syscalls made and deny every other syscall.
12 contributions
in the last year
Mon | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Tue | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Wed | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Thu | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Fri | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Sat | |||||||||||||||||||||||||||||||||||||||||||||||||||||
Sun |
Contributions on 2024-09-12
1 commit in home:we3i / oci-seccomp-bpf-hook