[mirrors/Programs.git] / c / seccomp.c

/* seccomp.c
 *
 * This demonstrates how to use SECCOMP_MODE_STRICT to sandbox code on Linux.
 */

#include <string.h>
#include <sys/prctl.h>
#include <linux/seccomp.h>
#include <sys/syscall.h>

#define DISPLAY(msg) (syscall( SYS_write, 2, msg, strlen(msg) ))

int main() {
	system("echo before");

	if(prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) == 0)
		DISPLAY("SECCOMP Enabled!\n"); else DISPLAY("SECCOMP Fail!\n");
	//fflush(NULL);

	system("echo after");
}
Commit	Line	Data
06d21dc9 TM	1	/* seccomp.c
	2	*
	3	* This demonstrates how to use SECCOMP_MODE_STRICT to sandbox code on Linux.
	4	*/
	5
	6	#include <string.h>
	7	#include <sys/prctl.h>
	8	#include <linux/seccomp.h>
	9	#include <sys/syscall.h>
	10
	11	#define DISPLAY(msg) (syscall( SYS_write, 2, msg, strlen(msg) ))
	12
	13	int main() {
	14	system("echo before");
	15
	16	if(prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) == 0)
	17	DISPLAY("SECCOMP Enabled!\n"); else DISPLAY("SECCOMP Fail!\n");
	18	//fflush(NULL);
	19
	20	system("echo after");
	21	}