xtrf/noexecve

Disable execve for select processes
───────────────────────────────────

libnoexecve.so is expected to be listed in /etc/ld.so.preload or injected
manually through the LD_PRELOAD environment variable, for example with systemd:

  Environment=LD_PRELOAD=/.noexec/libnoexecve.so

Once it is active, it will examine /proc/self/exe.  If this file has
an extended attribute "user.noexecve", it will install a seccomp
handler which blocks execve (and execveat, if defined at compilation
time).  You can set such an extended attribute on a program with:

  setfattr -n user.noexecve <program>

setfattr is part of the attr package.

Alternatively, the library blocks all execve() calls if /proc/self/cmdline
contains "java".
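
The mechanism described above, as an added example that is not the project's
own source: check the marker attribute and the command line, then install a
seccomp filter that refuses execve. The function names, the EPERM return value
and the /bin/true probe in main() are assumptions made for this illustration.

```c
/* Added sketch, not the project's source; function names are illustrative. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/xattr.h>

/* "setfattr -n" stores an empty value, so only presence is tested (size 0 hits). */
int has_marker(const char *path) { return getxattr(path, "user.noexecve", NULL, 0) >= 0; }

/* cmdline is NUL-separated: strstr() stops after argv[0], so scan by length. */
int cmdline_contains(const char *buf, size_t len, const char *needle) {
    size_t k = strlen(needle);
    for (size_t i = 0; k && i + k <= len; i++)
        if (memcmp(buf + i, needle, k) == 0) return 1;
    return 0;
}

/* Native syscall numbers only; a production filter also checks seccomp_data.arch. */
int install_noexecve_filter(void) {
    struct sock_filter code[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
#ifdef __NR_execveat
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_execveat, 1, 0),
#endif
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_execve, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = sizeof code / sizeof code[0], .filter = code };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

int main(void) {
    char buf[4096];
    FILE *f = fopen("/proc/self/cmdline", "r");
    size_t n = f ? fread(buf, 1, sizeof buf, f) : 0;
    if (has_marker("/proc/self/exe") || cmdline_contains(buf, n, "java"))
        install_noexecve_filter();
    execl("/bin/true", "true", (char *)NULL);  /* returns only if refused */
    perror("execl");
    return 1;
}
```

A seccomp filter is inherited across fork and cannot be removed once installed,
so every child of a marked program is restricted as well.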

Please send feedback and comments to: XTRF Admin Team <[email protected]>
