seccomp tangle
Hal Murray
hmurray at megapathdsl.net
Wed Feb 26 11:46:49 UTC 2020
Richard said:
> I do not. It seems really fragile to me. A change in an underlying library
> can break a working binary, possibly only in some scenarios. That's scary.
> It'd be safer (but still not completely safe) to enable if I had good (or
> any) "as installed" tests using Debian's autopkgtest, but I do not.
All good points. I've been wondering how to do that sort of testing.
With enough work and enough toys, I think I could setup a reasonably thorough
automated test setup. The idea is to actually run ntpd, feed the server side
live traffic and let the client side generate traffic. We would have to make
a list of all the cases to test and figure out how to test them. Things like
send a HUP, unplug the ethernet, wait an hour for it to write some statistics.
For now, I'm doing it by hand. It's not a long list.
In practice, I haven't seen the long tail that I've been looking for. One
thing in our favor is that ntpd isn't very complicated if you measure the
cross section at the syscall plane. The trick is that if we discover that we
missed one, we have to figure out what caused it and add that to the
what-to-do list when running in collect mode.
Having said that, I just discovered another item for the list. Stepping the
clock uses a timer call that isn't otherwise used.
--
These are my opinions. I hate spam.
More information about the devel
mailing list