def test():
action = util.parse_action(sys.argv[1])
if not action == ALLOW:
quit(1)
util.install_trap()
fd = os.open("/dev/null", os.O_WRONLY|os.O_CREAT, 0600)
f = SyscallFilter(TRAP)
# NOTE: additional syscalls required for python
f.add_rule(ALLOW, "write", Arg(0, EQ, fd))
f.add_rule(ALLOW, "close")
f.add_rule(ALLOW, "rt_sigaction")
f.add_rule(ALLOW, "rt_sigreturn")
f.add_rule(ALLOW, "exit_group")
f.add_rule(ALLOW, "brk")
f.load()
try:
if not os.write(fd, "testing") == len("testing"):
raise IOError("failed to write the full test string")
quit(160)
except OSError as ex:
quit(ex.errno)
os.close(fd)
def test():
action = util.parse_action(sys.argv[1])
if not action == ALLOW:
quit(1)
util.install_trap()
f = SyscallFilter(TRAP)
# NOTE: additional syscalls required for python
f.add_rule(ALLOW, "stat")
f.add_rule(ALLOW, "fstat")
f.add_rule(ALLOW, "open")
f.add_rule(ALLOW, "openat")
f.add_rule(ALLOW, "mmap")
f.add_rule(ALLOW, "munmap")
f.add_rule(ALLOW, "read")
f.add_rule(ALLOW, "write")
f.add_rule(ALLOW, "close")
f.add_rule(ALLOW, "rt_sigaction")
f.add_rule(ALLOW, "rt_sigreturn")
f.add_rule(ALLOW, "sigreturn")
f.add_rule(ALLOW, "sigaltstack")
f.add_rule(ALLOW, "brk")
f.add_rule(ALLOW, "exit_group")
f.load()
try:
util.write_file("/dev/null")
except OSError as ex:
quit(ex.errno)
quit(160)
def test():
action = util.parse_action(sys.argv[1])
if not action == ALLOW:
quit(1)
util.install_trap()
f = SyscallFilter(TRAP)
# NOTE: additional syscalls required for python
f.add_rule(ALLOW, "stat")
f.add_rule(ALLOW, "fstat")
f.add_rule(ALLOW, "open")
f.add_rule(ALLOW, "openat")
f.add_rule(ALLOW, "mmap")
f.add_rule(ALLOW, "munmap")
f.add_rule(ALLOW, "read")
f.add_rule(ALLOW, "write")
f.add_rule(ALLOW, "close")
f.add_rule(ALLOW, "rt_sigaction")
f.add_rule(ALLOW, "rt_sigreturn")
f.add_rule(ALLOW, "exit_group")
f.load()
try:
util.write_file("/dev/null")
except OSError as ex:
quit(ex.errno)
quit(160)
def test():
action = util.parse_action(sys.argv[1])
if not action == ALLOW:
quit(1)
util.install_trap()
fd = os.open("/dev/null", os.O_WRONLY | os.O_CREAT)
f = SyscallFilter(TRAP)
# NOTE: additional syscalls required for python
f.add_rule(ALLOW, "write", Arg(0, EQ, fd))
f.add_rule(ALLOW, "close")
f.add_rule(ALLOW, "munmap")
f.add_rule(ALLOW, "rt_sigaction")
f.add_rule(ALLOW, "rt_sigreturn")
f.add_rule(ALLOW, "sigaltstack")
f.add_rule(ALLOW, "exit_group")
f.add_rule(ALLOW, "brk")
f.load()
try:
if not os.write(fd, b"testing") == len("testing"):
raise IOError("failed to write the full test string")
quit(160)
except OSError as ex:
quit(ex.errno)
os.close(fd)
def test():
action = util.parse_action(sys.argv[1])
if action == TRAP:
util.install_trap()
f = SyscallFilter(action)
f.add_rule_exactly(ALLOW, "rt_sigreturn")
f.add_rule_exactly(ALLOW, "exit_group")
f.load()
try:
util.write_file("/dev/null")
except OSError as ex:
quit(ex.errno)
quit(160)
def test():
action = util.parse_action(sys.argv[1])
if action == TRAP:
util.install_trap()
f = SyscallFilter(action)
f.add_rule(ALLOW, "rt_sigreturn")
f.add_rule(ALLOW, "exit_group")
f.load()
try:
util.write_file("/dev/null")
except OSError as ex:
quit(ex.errno)
quit(160)
