Crate seccomp_droundy

Expand description

This crate is based on seccomp_sys and provides a higher level wrapper for libseccomp.

Example usage:

extern crate seccomp_droundy;
extern crate libc;

use seccomp_droundy::*;

fn main() {
   	let mut ctx = Context::default(Action::Allow).unwrap();
   	let rule = Rule::new(105 /* setuid on x86_64 */,
   		Compare::arg(0)
			    .with(1000)
				.using(Op::Eq)
				.build().unwrap(),
   		Action::Errno(libc::EPERM) /* return EPERM */
   	);
   	ctx.add_rule(rule).unwrap();
   	ctx.load().unwrap();
   	let ret = unsafe { libc::setuid(1000) };
   	println!("ret = {}, uid = {}", ret, unsafe { libc::getuid() });
}

Macros§

scmp_cmp: A macro to ergonomically express comparisons using ordinary comparison operators.

Structs§

Arch
Compare: Comparison definition builder
Context: Seccomp context
Rule: Seccomp rule
SeccompError: Error type

Enums§

Action: Seccomp actions
Op: Comparison operators
Syscall

Constants§

ARCH_NATIVE
ARCH_X32
ARCH_X86
ARCH_X86_64

Type Aliases§

Cmp

Crate seccomp_droundyCopy item path

Macros§

Structs§

Enums§

Constants§

Type Aliases§

Crate seccomp_droundy