The existing grouped fork(), clone(), execve() together
in a discussion about child processes. But execve()
does not create a process.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Combines documentation from prctl, in-kernel seccomp_filter.txt
and dropper.c, along with details specific to the new system call.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>