Alexei Starovoitov <alexei.starovoi...@gmail.com> wrote: > If you want to lock down read access you'd need to disable > not only bpf, but all of kprobe and likey ftrace, since > untrusted root can infer kernel data by observing function > execution even if it cannot load modules and bpf progs.
Okay. David
