Seccomp tangle
Eric S. Raymond
esr at thyrsus.com
Wed May 27 12:36:35 UTC 2020
Hal Murray <hmurray at megapathdsl.net>:
>
> esr at thyrsus.com said:
> > Aaarrgghhh. It;s a huge pain in the ass and I wish it weren't interesting.
> > But given our mission statememnnt, it has to be.
>
> Just to make sure we are on the same wavelength...
>
> My question/proposal was not to drop seccomp if we didn't do what I sketched
> out. It was to allow a slightly tighter/cleaner list of syscalls if you were
> willing to put in the work to collect the data. The old merger of all
> syscalls ever seen on any system approach would still be the default if you
> enabled seccomp and didn't specify your own list.
Understood.
Now I'm torn between devel/ and contrib/. Use your judgment.
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel
mailing list