themafia 3 hours ago

> If your kernel was built between 2017 and the patch

This is why I compile my own kernel. I disable things I don't use. If it's not present it can't hurt you.

> block AF_ALG socket creation via seccomp regardless of patch state.

Likewise I use seccomp to only allow syscalls that are necessary. Everything else is disabled. In the programs I have that need to connect to a backend socket, that is done, and then socket creation is disabled.

tosti 37 minutes ago

Any pointers on how to set that up? Like, run all the things through strace, cut the first field, sort, uniq, run through some template and something somesuch what how?
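
The two seccomp uses described in the first comment (denying AF_ALG socket creation, and denying all socket creation once the backend connection is open), as an added example that is not code from the thread. `deny_socket`, `NATIVE_ARCH` and `FIELD` are names made up here, and only x86-64 and aarch64 are handled.

```c
#include <errno.h>
#include <stddef.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>

#if defined(__x86_64__)
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#else
#error "set NATIVE_ARCH to this architecture's AUDIT_ARCH_* value"
#endif
#define FIELD(f) offsetof(struct seccomp_data, f)

/* deny_socket() is a name made up for this example. It makes socket(family, ...)
 * fail with EPERM in this process and its children; family < 0 denies every
 * family. Filters cannot be removed. Returns 0, or -1 with errno set. */
int deny_socket(int family)
{
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, FIELD(arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 0, 6), /* foreign ABI -> 8 */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, FIELD(nr)),
        BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, 0x40000000u, 4, 0), /* x32 bit set -> 8 */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_socket, 0, 2), /* not socket() -> 7 */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, FIELD(args[0])),     /* family, low 32 bits */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (unsigned)family, 2, 0), /* match -> 9 */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),           /* 7 */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),    /* 8 */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),   /* 9 */
    };
    struct sock_fprog fprog = { sizeof(prog) / sizeof(prog[0]), prog };
    if (family < 0)
        prog[6].jf = 2; /* the no-match branch also goes to 9: deny all */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) /* lets non-root install it */
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog) == 0 ? 0 : -1;
}

int main(void)
{
    if (deny_socket(AF_ALG) != 0) return 2;
    return socket(AF_ALG, SOCK_SEQPACKET, 0) == -1 && errno == EPERM ? 0 : 1;
}
```

This is a deny-list on `socket()` only; an allow-list filter of the kind the comment describes makes the default return an error and lists the permitted syscall numbers instead. Descriptors that are already open, including inherited ones, keep working after the filter is installed.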