Slide 32
Slide 32 text
default-no-chmod
{ "name": "chmod",
"action": "SCMP_ACT_ALLOW",
"args": []
},
{
"name": "fchmod",
"action": "SCMP_ACT_ALLOW",
"args": []
},
{
"name": "fchmodat",
"action": "SCMP_ACT_ALLOW",
"args": []
},
The default.json profile has the chmod(),
fchmod(), and chmodatsyscalls included in
its whitelist..