3 Sep
2012
3 Sep
'12
5:07 p.m.
On Mon, Sep 3, 2012 at 7:03 AM, Ján Tomko <jtomko@redhat.com> wrote:
QEMU (since 1.2-rc0) supports setting up a syscall whitelist through libseccomp on linux kernel from 3.5-rc1. This is enabled by specifying -sandbox on on qemu command line.
<snip> There's a big push to not rely on -help scraping, please work with qemu upstream to get this exposed through the QMP and query for the capability that way. -- Doug Goldstein