syscalls
Definition
Syscalls, or system calls, are interfaces through which a program requests a service from the kernel of the operating system. They provide the essential means for user-space applications to interact with the hardware and system resources, such as file management, process control, and network communication. Proper management and restriction of syscalls are crucial for maintaining system security, as they can be exploited by malicious actors to perform unauthorized actions.
Secure Settings Example
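# Example of a Kubernetes PodSecurityPolicy restricting syscalls and sysctls
# (PodSecurityPolicy, policy/v1beta1, was removed in Kubernetes v1.25)
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: restricted-syscalls
  annotations:
    # Syscall filtering: pods may only use the runtime's default seccomp profile
    seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'runtime/default'
    seccomp.security.alpha.kubernetes.io/defaultProfileName: 'runtime/default'
spec:
  # Sysctls are kernel parameters, not syscalls: allow no unsafe ones, forbid all
  allowedUnsafeSysctls: []
  forbiddenSysctls:
    - '*'
  runAsUser:
    rule: MustRunAsNonRoot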
Insecure Settings Example
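# Example of a Kubernetes PodSecurityPolicy with overly permissive settings:
# every unsafe sysctl is allowed, containers may run as root, and no seccomp
# profile is set to filter syscalls
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: permissive-syscalls
spec:
  allowedUnsafeSysctls:
    - '*'
  runAsUser:
    rule: RunAsAny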
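Audit Example
The following is an added example, not part of the original page: a small Python check that flags the settings contrasted in the two policies above, plus the seccomp annotations that PodSecurityPolicy uses for syscall filtering. The function name, finding names and sample dictionaries are hypothetical and constructed for illustration.

```python
# Added example: audit parsed PodSecurityPolicy manifests (plain dicts).
# audit_psp and the finding IDs are hypothetical names, not a Kubernetes API.
SECCOMP_ALLOWED = "seccomp.security.alpha.kubernetes.io/allowedProfileNames"
SECCOMP_DEFAULT = "seccomp.security.alpha.kubernetes.io/defaultProfileName"


def audit_psp(policy):
    """Return a sorted list of finding IDs for one parsed PSP manifest."""
    notes = (policy.get("metadata") or {}).get("annotations") or {}
    spec = policy.get("spec") or {}
    findings = set()

    # Syscall filtering: PSP expresses seccomp through annotations.
    allowed = [p.strip() for p in notes.get(SECCOMP_ALLOWED, "").split(",")]
    default = notes.get(SECCOMP_DEFAULT)
    if not default:
        findings.add("no-default-seccomp-profile")
    if "*" in allowed or "unconfined" in allowed or default == "unconfined":
        findings.add("unconfined-seccomp-allowed")

    # Sysctls are kernel parameters, not syscalls; unsafe ones widen the policy.
    unsafe = spec.get("allowedUnsafeSysctls") or []
    if "*" in unsafe:
        findings.add("all-unsafe-sysctls-allowed")
    elif unsafe:
        findings.add("unsafe-sysctls-allowed")

    # RunAsAny (or a missing rule) lets containers run as UID 0.
    if (spec.get("runAsUser") or {}).get("rule") in (None, "RunAsAny"):
        findings.add("root-user-allowed")
    return sorted(findings)


# Constructed sample input, modelled on the two policies on this page.
RESTRICTED = {
    "metadata": {"name": "restricted-syscalls", "annotations": {
        SECCOMP_ALLOWED: "runtime/default", SECCOMP_DEFAULT: "runtime/default"}},
    "spec": {"allowedUnsafeSysctls": [], "forbiddenSysctls": ["*"],
             "runAsUser": {"rule": "MustRunAsNonRoot"}},
}
PERMISSIVE = {
    "metadata": {"name": "permissive-syscalls"},
    "spec": {"allowedUnsafeSysctls": ["*"], "runAsUser": {"rule": "RunAsAny"}},
}

if __name__ == "__main__":
    for psp in (RESTRICTED, PERMISSIVE):
        print(psp["metadata"]["name"], audit_psp(psp))
```

A policy that sets the sysctl and runAsUser fields but carries no seccomp annotations still yields the no-default-seccomp-profile finding, because those fields do not filter syscalls.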