New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please add an Profile for Skype #99
Comments
This could be the same problem as #86, as skype is also only available as 32-bit package. |
It has the same 32bit/64bit seccomp problem as wine and steam. Can you please try:
This should disable seccomp for now. |
is working. But if it makes sence? As far is i am understand, i can secure some dirs and files to denied the access to it. |
This is great news! It means we are 90% done. This is how the sandbox works: First, it configures a new home directory (blacklists, whitelists etc.) It is basically a chroot created on the fly. Second, a seccomp filter will prevent the intruder to escape the chroot. Third, just in case he managed to remove the chroot, a Linux capabilites (man 7 capabilities) filter is installed. This disables kernel module loading, filesystem mounts, changing networking system etc. Basically all sysadmin actions are disabled. The only thing we are missing is the seccomp filter. It will come in the next few days. By the end of the week we should be all done. Until then, run it like this:
I'll comment here on this thread when seccomp is in. Thanks. |
Sorry, something else you can try. Build a skype profile in your home directory:
Then, open skype.profile file in a text editor and comment out seccomp line (add a # in front of the line). Somebody just submitted a patch with a similar profile for steam. |
works, so it protect my files. thats enough for me |
Fixed, skype profile included. |
Hi There,
please add an Profile for Skype. I tried on my own, but i cant get it to work.
Micha
The text was updated successfully, but these errors were encountered: