mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
e01bf76964
full diff: 32f571b700...689e3c1541
Release notes:
* Version 0.9.1 - May 21, 2019
- Minimum supported version of libseccomp bumped to v2.2.0
- Use Libseccomp's `seccomp_version` API to retrieve library version
- Unconditionally set TSync attribute for filters, due to Go's heavily threaded nature
- Fix CVE-2017-18367 - Multiple syscall arguments were incorrectly combined with logical-OR, instead of logical-AND
- Fix a failure to build on Debian-based distributions due to CGo code
- Fix unit test failures on 32-bit architectures
- Improve several errors to be more verbose about their causes
- Add support for SCMP_ACT_LOG (with libseccomp versions 2.4.x and higher), permitting syscalls but logging their execution
- Add support for SCMP_FLTATR_CTL_LOG (with libseccomp versions 2.4.x and higher), logging not-allowed actions when they are denied
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
51 lines
1.8 KiB
Text
51 lines
1.8 KiB
Text
libseccomp-golang: Go Language Bindings for the libseccomp Project
|
|
===============================================================================
|
|
https://github.com/seccomp/libseccomp-golang
|
|
https://github.com/seccomp/libseccomp
|
|
|
|
The libseccomp library provides an easy to use, platform independent, interface
|
|
to the Linux Kernel's syscall filtering mechanism. The libseccomp API is
|
|
designed to abstract away the underlying BPF based syscall filter language and
|
|
present a more conventional function-call based filtering interface that should
|
|
be familiar to, and easily adopted by, application developers.
|
|
|
|
The libseccomp-golang library provides a Go based interface to the libseccomp
|
|
library.
|
|
|
|
* Online Resources
|
|
|
|
The library source repository currently lives on GitHub at the following URLs:
|
|
|
|
-> https://github.com/seccomp/libseccomp-golang
|
|
-> https://github.com/seccomp/libseccomp
|
|
|
|
The project mailing list is currently hosted on Google Groups at the URL below,
|
|
please note that a Google account is not required to subscribe to the mailing
|
|
list.
|
|
|
|
-> https://groups.google.com/d/forum/libseccomp
|
|
|
|
Documentation is also available at:
|
|
|
|
-> https://godoc.org/github.com/seccomp/libseccomp-golang
|
|
|
|
* Installing the package
|
|
|
|
The libseccomp-golang bindings require at least Go v1.2.1 and GCC v4.8.4;
|
|
earlier versions may yield unpredictable results. If you meet these
|
|
requirements you can install this package using the command below:
|
|
|
|
$ go get github.com/seccomp/libseccomp-golang
|
|
|
|
* Testing the Library
|
|
|
|
A number of tests and lint related recipes are provided in the Makefile, if
|
|
you want to run the standard regression tests, you can excute the following:
|
|
|
|
$ make check
|
|
|
|
In order to execute the 'make lint' recipe the 'golint' tool is needed, it
|
|
can be found at:
|
|
|
|
-> https://github.com/golang/lint
|
|
|