undefined | Better HN

0 pointsPhelinofist16h ago0 comments

Could something like this also be done via BPF?

0 comments

That’s how this[0] project mitigates e.g. CopyFail.

BPF LSM if you want to return -EPERM.

Or a kprobe that kills the process via bpf_send_signal() if BPF LSM isn’t enabled.

j / k navigate · click thread line to collapse

That’s how this[0] project mitigates e.g. CopyFail.

BPF LSM if you want to return -EPERM.

Or a kprobe that kills the process via bpf_send_signal() if BPF LSM isn’t enabled.

j / k navigate · click thread line to collapse