Should we dump seccomp?
Gary E. Miller
gem at rellim.com
Mon May 8 22:19:25 UTC 2017
Yo Hal!
On Mon, 08 May 2017 15:12:50 -0700
Hal Murray via devel <devel at ntpsec.org> wrote:
> The problem is that there is no simple way to translate a POSIX call
> to a kernel call. There is libc and friends between what ntpd does
> and the actual system calls. Sometimes, that's simple. Sometimes
> it's complicated. If varies between distros and releases.
Yup, a rat's nest.
But, people want it. The only way to prove to most of them that it
is a useless PITA is to give them the option to enable it. And it will
add some value to a few users.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20170508/c6f1c964/attachment.bin>
More information about the devel
mailing list