Threads

extrasafe_multiarch::builtins::danger_zone

Struct Threads 

Source 
pub struct Threads { /* private fields */ }
Expand description

Allows clone and sleep syscalls, which allow creating new threads and processes, and pausing them.

§Security

This is in the danger zone not because it’s dangerous but because it can be misused: Threads do not provide isolation from each other. You can still access other threads’ memory and potentially get them to do operations that are not allowed in the current thread’s seccomp context.

Implementations§

Source§

impl Threads

Source

pub fn nothing() -> Threads

Create a new Threads ruleset with nothing allowed by default.

Source

pub fn allow_create(self) -> Threads

Allow creating new threads and processes.

Source

pub fn allow_sleep(self) -> YesReally<Threads>

Allow sleeping on the current thread

§Security considerations

An attacker with arbitrary code execution and access to a high resolution timer can mount timing attacks (e.g. spectre).

Trait Implementations§

Source§

impl RuleSet for Threads

Source§

fn simple_rules(&self) -> Vec<Sysno>

A simple rule is a seccomp rule that just allows the syscall without restriction.
Source§

fn conditional_rules(&self) -> HashMap<Sysno, Vec<SeccompRule>>

A conditional rule is a seccomp rule that uses a condition to restrict the syscall, e.g. only specific flags as parameters.
Source§

fn name(&self) -> &'static str

The name of the profile.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.