App-EvalServerAdvanced
view release on metacpan or search on metacpan
skel-sandbox/etc/seccomp.yaml view on Meta::CPAN
- 'O_NONBLOCK'
- 'O_EXCL'
- 'O_RDONLY'
- 'O_NOFOLLOW'
- 'O_CLOEXEC'
file_tty:
include:
- file_open
permute:
open_modes:
- 'O_NOCTTY'
file_write:
include:
- file_open
- file_readonly
permute:
open_modes:
- 'O_CREAT'
- 'O_WRONLY'
- 'O_TRUNC'
- 'O_RDWR'
rules:
- syscall: write
- syscall: pwrite64
file_temp:
rules:
- syscall: chmod
tests:
- [1, '==', 0o600]
- syscall: unlink
lang_javascript:
include:
- default
- file_temp
rules:
- syscall: pipe2
- syscall: epoll_create1
- syscall: eventfd2
- syscall: epoll_ctl
- syscall: epoll_wait
- syscall: ioctl
tests:
- [1, '==', 'FIOCLEX']
- syscall: clone
tests:
- [0, '==', 'CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID']
- syscall: ioctl
tests:
- [1, '==', 'TIOCGPTN']
- syscall: ioctl
tests:
- [1, '==', 'FIONBIO']
- syscall: ioctl
tests: # Let node do any ioctl to stdout
- [0, '==', 1]
- syscall: ioctl
tests: # let node do any ioctl to stderr
- [0, '==', 2]
lang_perl:
include:
- default
rules: []
lang_ruby:
include:
- default
rules:
- syscall: clone
tests:
- [0, '==', 'CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID']
- syscall: sigaltstack
- syscall: pipe2
- syscall: write
tests: # Used for inter thread communication. FDs might change number depending on release
- [0, '==', 5]
- syscall: write
tests: # Used for inter thread communication. FDs might change number depending on release
- [0, '==', 7]
stdio:
rules:
- syscall: read # Read from STDIN
tests:
- [0, '==', 0]
- syscall: write # Write to STDOUT
tests:
- [0, '==', 1]
- syscall: write # Write to STDERR
tests:
- [0, '==', 2]
( run in 1.918 second using v1.01-cache-2.11-cpan-d8267643d1d )