Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

seccheck

package

Go to main page

Versions in this module

v1

v1.0.1

Apr 30, 2024

Changes in this version

+ const DefaultSessionName

+ const FieldSyscallExecveEnvv

+ var Points = map[string]PointDesc

+ var Sinks = map[string]SinkDesc

+ func Create(conf *SessionConfig, force bool) error

+ func Delete(name string) error

+ func Initialize()

+ func List(out *[]SessionConfig)

+ func RegisterSink(sink SinkDesc)

+ func SetupSinks(sinks []SinkConfig) ([]*os.File, error)

+ type Field uint

+ const FieldContainerStartEnv

+ const FieldCtxtContainerID

+ const FieldCtxtCredentials

+ const FieldCtxtCwd

+ const FieldCtxtProcessName

+ const FieldCtxtThreadGroupID

+ const FieldCtxtThreadGroupStartTime

+ const FieldCtxtThreadID

+ const FieldCtxtThreadStartTime

+ const FieldCtxtTime

+ const FieldSentryExecveBinaryInfo

+ const FieldSyscallPath

+ type FieldDesc struct

+ ID Field

+ Name string

+ type FieldMask struct

+ func MakeFieldMask(fields ...Field) FieldMask

+ func (fm *FieldMask) Add(field Field)

+ func (fm *FieldMask) Contains(field Field) bool

+ func (fm *FieldMask) Empty() bool

+ func (fm *FieldMask) Remove(field Field)

+ type FieldSet struct

+ Context FieldMask

+ Local FieldMask

+ type Point uint

+ const PointClone

+ const PointContainerStart

+ const PointExecve

+ const PointExitNotifyParent

+ const PointTaskExit

+ func GetPointForSyscall(typ SyscallType, sysno uintptr) Point

+ type PointConfig struct

+ ContextFields []string

+ Name string

+ OptionalFields []string

+ type PointDesc struct

+ ContextFields []FieldDesc

+ ID Point

+ Name string

+ OptionalFields []FieldDesc

+ type PointReq struct

+ Fields FieldSet

+ Pt Point

+ type SessionConfig struct

+ IgnoreMissing bool

+ Name string

+ Points []PointConfig

+ Sinks []SinkConfig

+ type Sink interface

+ Clone func(ctx context.Context, fields FieldSet, info *pb.CloneInfo) error

+ ContainerStart func(context.Context, FieldSet, *pb.Start) error

+ Execve func(ctx context.Context, fields FieldSet, info *pb.ExecveInfo) error

+ ExitNotifyParent func(ctx context.Context, fields FieldSet, info *pb.ExitNotifyParentInfo) error

+ Name func() string

+ RawSyscall func(context.Context, FieldSet, *pb.Syscall) error

+ Status func() SinkStatus

+ Stop func()

+ Syscall func(context.Context, FieldSet, *pb.ContextData, pb.MessageType, proto.Message) error

+ TaskExit func(context.Context, FieldSet, *pb.TaskExit) error

+ type SinkConfig struct

+ Config map[string]any

+ FD *fd.FD

+ IgnoreSetupError bool

+ Name string

+ Status SinkStatus

+ type SinkDefaults struct

+ func (SinkDefaults) Clone(context.Context, FieldSet, *pb.CloneInfo) error

+ func (SinkDefaults) ContainerStart(context.Context, FieldSet, *pb.Start) error

+ func (SinkDefaults) Execve(context.Context, FieldSet, *pb.ExecveInfo) error

+ func (SinkDefaults) ExitNotifyParent(context.Context, FieldSet, *pb.ExitNotifyParentInfo) error

+ func (SinkDefaults) RawSyscall(context.Context, FieldSet, *pb.Syscall) error

+ func (SinkDefaults) Status() SinkStatus

+ func (SinkDefaults) Stop()

+ func (SinkDefaults) Syscall(context.Context, FieldSet, *pb.ContextData, pb.MessageType, proto.Message) error

+ func (SinkDefaults) TaskExit(context.Context, FieldSet, *pb.TaskExit) error

+ type SinkDesc struct

+ Name string

+ New func(config map[string]any, endpoint *fd.FD) (Sink, error)

+ Setup func(config map[string]any) (*os.File, error)

+ type SinkStatus struct

+ DroppedCount uint64

+ type State struct

+ var Global State

+ func (s *State) AddSyscallFlagListener(listener SyscallFlagListener)

+ func (s *State) AppendSink(c Sink, reqs []PointReq)

+ func (s *State) Enabled(p Point) bool

+ func (s *State) GetFieldSet(p Point) FieldSet

+ func (s *State) SentToSinks(fn func(c Sink) error) error

+ func (s *State) SyscallEnabled(typ SyscallType, sysno uintptr) bool

+ type SyscallFlagListener interface

+ UpdateSecCheck func(state *State)

+ type SyscallType int

+ const SyscallEnter

+ const SyscallExit

+ const SyscallRawEnter

+ const SyscallRawExit