I'm giving up on seccomp

Gary E. Miller gem at rellim.com
Wed Sep 2 17:20:38 UTC 2020


Yo Eric!

On Wed, 2 Sep 2020 05:52:54 -0400
"Eric S. Raymond via devel" <devel at ntpsec.org> wrote:

> Hal Murray <hmurray at megapathdsl.net>:
> > You keep saying seccomp is important.  What does it buy us?  ntpd
> > is a big complicated program.  It reads and writes files.  It opens
> > network connections.  What else would a bad guy need to do?  
> 
> I think you misunderstand.  I don't believe seccomp is objectively
> very important in itself, and never have.  My problem with dropping it
> is that if we do that, we could be seen to have abandoned part of a
> security defense in depth because it's too much work.  That's not a
> good look for a project with our mission statement.

Sadly, I agree with both of you.

I agree with Hal that seccomp is mere security theater.  One that
requires a lot of effort to sustain, for no actual value.

I agree with Eric that the perception that seccomp makes systems
safer is also strong.  That (mis)perception has value for NTPsec.

So, as Eric said:

"You should assign seccomp-related bugs to me and I will deal with them."

He wants to carry the load, let him.

"Think of this as incentive for me to get serious about moving the
daemon to Go"

Lost me.  seccomp applies to Go as much as it applies to C.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin