change default behavior for execve from accept to log

2023-11-02 00:00:06 +08:00
parent 6b52b19eaf
commit bc6ed96d43
1 changed files with 1 additions and 1 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -134,7 +134,7 @@ fn main() -> anyhow::Result<()> {
    let mut filter = ScmpFilterContext::new_filter(default_action)?;
    filter.add_rule(
-        ScmpAction::Allow,
+        ScmpAction::Log,
        ScmpSyscall::from(nix::libc::SYS_execve as i32),
    )?;