Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var EPERM uint64 = ^uint64(syscall.EACCES - 1)
Permission Denied Return Code, cannot set it to -13 directly (since uint) so a workaround is used leveraging XOR
Functions ¶
This section is empty.
Types ¶
type PtraceEnforcer ¶
func NewPtraceEnforcer ¶
func NewPtraceEnforcer(container *tp.Container, logger *feeder.Feeder) *PtraceEnforcer
func (*PtraceEnforcer) StartSystemTracer ¶
func (pe *PtraceEnforcer) StartSystemTracer()
func (*PtraceEnforcer) UpdateRules ¶
func (pe *PtraceEnforcer) UpdateRules(securityPolicies []tp.SecurityPolicy, defaultPosture tp.DefaultPosture)
type RuleConfig ¶
type RuleConfig struct {
Dir, Hint, Recursive, ReadOnly, OwnerOnly, Deny, Allow bool
}
type RuleSet ¶
type RuleSet struct { ProcessRules map[InnerKey]RuleConfig FileRules map[InnerKey]RuleConfig NetworkRules map[InnerKey]RuleConfig ProcWhiteListPosture bool FileWhiteListPosture bool NetWhiteListPosture bool }
func CreateNewRuleSet ¶
func CreateNewRuleSet() (r *RuleSet)
type Tracer ¶
type Tracer struct { *PtraceEnforcer // contains filtered or unexported fields }
func (*Tracer) NewBaseLog ¶
Click to show internal directories.
Click to hide internal directories.