Skip to content

Commit

Permalink
Update user guide with direct .enable(Sysno) info
Browse files Browse the repository at this point in the history
  • Loading branch information
@boustrophedon
boustrophedon committed Nov 14, 2023
1 parent 904e502 commit c38a1e5
Showing 1 changed file with 12 additions and 1 deletion.
13 changes: 12 additions & 1 deletion user-guide.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,18 @@ Seccomp, the underlying functionality provided by the kernel that extrasafe uses

If you want to use syscalls that aren't included in any of the builtin rulesets, consider [filing an issue to request a new one!](https://github.com/boustrophedon/extrasafe/issues)

In the meantime, you can create your own:
`RuleSet` is implemented for the `Sysno` type directly, so if you just want to enable one or two syscalls, the simplest way to do so is:

```rust
extrasafe::SafetyContext::new()
.enable(syscalls::Sysno::reboot).unwrap()
.enable(syscalls::Sysno::sysinfo).unwrap()
.apply_to_current_thread().unwrap();
```

However, this doesn't work for conditional rules yet.

In the meantime, you can create your own RuleSet:

```rust
use extrasafe::*;
Expand Down

0 comments on commit c38a1e5

Please sign in to comment.