Is there an analogue of seccomp for Windows

Question

Is there an analogue of seccomp for Windows

Is there something like seccomp that works on Windows?

It should restrict all system calls to some very limited set, for example, only read and write to files that are already open.

Described as a sandbox for Chromium, it is not like Seccomp in that it relies on normal Windows file and security object permissions, rather than restricting access to system calls.

+3

windows seccomp

Vi. 08 Feb At 15:28

source to share

2 answers

In fact the only complete implementation for Windows is http://lwn.net/Articles/332974/

-2

Peter wone 08 Feb At 15:34

source to share

aseccompguy · Accepted Answer · 2015-09-13T03:26:48+0000

No, there is nothing like seccomp that runs on Windows. The closest are traditional permissions, which disable certain privileged system calls. But there is currently no whitelisting or whitelisting for any arbitrary system calls or syscall arguments for Windows.

Is there an analogue of seccomp for Windows

More articles: