Configuring apparmor / seccomp for a snap to allow sendmsg and mkfifo?
Dan Kegel
dank at kegel.com
Tue Oct 25 14:53:23 UTC 2016
On Tue, Oct 25, 2016 at 6:33 AM, Jamie Strandboge <jamie at canonical.com> wrote:
> Instead of using an abstract or anonymous socket, use a named socket and put in
> SNAP_DATA
Sounds very doable, I'll try.
> It is planned to allow snaps via
> seccomp arg filtering policy the ability to create S_IFIFO and S_IFREG files
> (ie, pipes and regular files, but not character and block devices), but it
> hasn't landed yet.
Is this it? https://bugs.launchpad.net/ubuntu/+source/ubuntu-core-launcher/+bug/1446748
Thanks!
- Dan
More information about the Snapcraft
mailing list