On Wed, Sep 09, 2015 at 06:27:06PM +0100, David Drysdale wrote: > On Wed, Sep 9, 2015 at 1:25 AM, Eric W. Biederman <ebied...@xmission.com> > wrote: > > Andy Lutomirski <l...@amacapital.net> writes: > > > On Tue, Sep 8, 2015 at 4:07 PM, Eric W. Biederman <ebied...@xmission.com> > > > wrote: > > (From this perspective, the limitation that seccomp-bpf programs only > have access to syscall arguments by-value is actually a help -- the filter > can't look into user memory, so can't be fooled by having memory > contents changed underneath it. Of course, if the eBPF stuff ever > changes that we should watch out...)
Yup and I'm quite sure I've seen that raised as a reason to refuse supporting exactly that. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
