[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1110377: ITP: kafel -- Kafel is a language and library for specifying syscall filtering policies



Package: wnpp
Severity: wishlist
Owner: Stephen Crosby <stevecrozz@gmail.com>
X-Debbugs-Cc: debian-devel@lists.debian.org

* Package name    : kafel
  Version         : 20231004
  Upstream Contact: https://github.com/google/kafel/issues
* URL             : https://google.github.io/kafel/
* License         : Apache-2.0
  Programming Lang: C
  Description     : Kafel is a language and library for specifying syscall filtering policies. The policies are compiled into BPF code that can be used with seccomp-filter.

Kafel is a small, embeddable library that implements a custom policy language for defining seccomp-bpf rules. It is used by security sandboxing tools such as nsjail to safely filter system calls. The library supports a simple, C-like syntax and compiles policies into BPF programs.

I intend to package this as a shared library (`libkafel1`) and a development package (`libkafel-dev`) following Debian policy for shared libraries.

This package is a prerequisite for packaging `nsjail`, which I also intend to submit separately.

I am preparing the package and will upload it to mentors.debian.net for sponsorship.

Reply to: