xtrf/noexecve
Disable execve for select processes
───────────────────────────────────

libnoexecve.so is expected to be listed in /etc/ld.so.preload or manually
injected through the LD_PRELOAD environment variable, for example with systemd:

    Environment=LD_PRELOAD=/.noexec/libnoexecve.so

Once it is active, it will examine /proc/self/exe. If this file has an
extended attribute "user.noexecve", it will install a seccomp handler which
blocks execve (and execveat, if defined at compilation time).

You can set such an extended attribute on a program with:

    setfattr -n user.noexecve <program>

setfattr is part of the attr package.

Alternatively, the library blocks all execve() calls if /proc/self/cmdline
contains "java".

Please send feedback and comments to:
XTRF Admin Team <admin+gh-noexecve@xtrf.eu>
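The attribute check and the seccomp block described above, as an added example in C that is not the project's own code. The function names (has_marker, install_noexecve, exec_blocked_in_child) are hypothetical, and the architecture check, the x32 guard and PR_SET_NO_NEW_PRIVS are assumptions the README does not mention. It assumes Linux on x86_64 or aarch64 with headers that define __NR_execveat.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <unistd.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <sys/xattr.h>
#if defined(__x86_64__)
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#endif

/* execve/execveat fail with EPERM; a foreign ABI or x32 number fails closed. */
struct sock_filter deny_exec[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 0, 4),
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, 0x40000000, 2, 0), /* x32 syscall bit */
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_execve, 1, 0),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_execveat, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};
/* README policy: the executable carries the user.noexecve attribute. */
int has_marker(const char *exe) { return getxattr(exe, "user.noexecve", NULL, 0) >= 0; }
/* A preload constructor would run: if (has_marker("/proc/self/exe")) install_noexecve(); */
int install_noexecve(void) {
    struct sock_fprog prog = { .len = sizeof deny_exec / sizeof *deny_exec, .filter = deny_exec };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1; /* assumption: unprivileged caller */
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}
/* Verify in a child: 1 = execve got EPERM, 0 = it did not, -1 = seccomp unavailable. */
int exec_blocked_in_child(void) {
    int st;
    pid_t pid = fork();
    if (pid == 0) {
        char *argv[] = { "true", NULL };
        if (install_noexecve() != 0) _exit(2);   /* filter could not be installed */
        execve("/bin/true", argv, NULL);         /* returns only on failure */
        _exit(errno == EPERM ? 1 : 3);
    }
    if (pid < 0 || waitpid(pid, &st, 0) < 0 || !WIFEXITED(st)) return -1;
    return WEXITSTATUS(st) == 1 ? 1 : (WEXITSTATUS(st) == 2 ? -1 : 0);
}
```

A seccomp filter cannot be removed once installed and is inherited across fork, so the check in exec_blocked_in_child() installs it in a throwaway child rather than in the calling process.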