On Tuesday, April 30, 2013 04:28:54 PM Corey Bryant wrote:
Just to be clear, I'm thinking you could launch guests in one of two
different seccomp sandboxed environments:
1) Using the existing and more permissive whitelist where every QEMU
feature works:
qemu-kvm -sandbox on,default
In
On 05/01/2013 10:13 AM, Paul Moore wrote:
On Tuesday, April 30, 2013 04:28:54 PM Corey Bryant wrote:
Just to be clear, I'm thinking you could launch guests in one of two
different seccomp sandboxed environments:
1) Using the existing and more permissive whitelist where every QEMU
feature
On 04/30/2013 12:24 PM, Paul Moore wrote:
On Monday, April 29, 2013 05:52:10 PM Corey Bryant wrote:
On 04/26/2013 05:07 PM, Paul Moore wrote:
[snip]
3. Debugging and/or learning mode - third party libraries still have the
problem of interfering in the Qemu's signal mask. According to some
On 05/01/2013 01:25 PM, Eduardo Otubo wrote:
On 04/30/2013 12:24 PM, Paul Moore wrote:
On Monday, April 29, 2013 05:52:10 PM Corey Bryant wrote:
On 04/26/2013 05:07 PM, Paul Moore wrote:
[snip]
3. Debugging and/or learning mode - third party libraries still
have the
problem of
On Monday, April 29, 2013 05:52:10 PM Corey Bryant wrote:
On 04/26/2013 05:07 PM, Paul Moore wrote:
[snip]
3. Debugging and/or learning mode - third party libraries still have the
problem of interfering in the Qemu's signal mask. According to some
previous discussions, perhaps patch
On 04/29/2013 07:02 PM, Corey Bryant wrote:
On 04/29/2013 02:39 PM, Eduardo Otubo wrote:
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
On 04/30/2013 02:47 PM, Eduardo Otubo wrote:
On 04/29/2013 07:02 PM, Corey Bryant wrote:
On 04/29/2013 02:39 PM, Eduardo Otubo wrote:
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1. Reduce whitelist to the optimal subset: Run various tests on Qemu
with different
On Monday, April 29, 2013 03:39:57 PM Eduardo Otubo wrote:
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Also, looking a bit further ahead, it might be interesting to look at
removing some of the arch dependent stuff in qemu-seccomp.c.
On 04/26/2013 07:17 PM, Paolo Bonzini wrote:
Il 26/04/2013 23:07, Paul Moore ha scritto:
3. Debugging and/or learning mode - third party libraries still have the
problem of interfering in the Qemu's signal mask. According to some
previous discussions, perhaps patch all external libraries that
Il 29/04/2013 21:57, Eduardo Otubo ha scritto:
On 04/26/2013 07:17 PM, Paolo Bonzini wrote:
Il 26/04/2013 23:07, Paul Moore ha scritto:
3. Debugging and/or learning mode - third party libraries still
have the
problem of interfering in the Qemu's signal mask. According to some
previous
On 04/26/2013 05:07 PM, Paul Moore wrote:
[snip]
3. Debugging and/or learning mode - third party libraries still have the
problem of interfering in the Qemu's signal mask. According to some
previous discussions, perhaps patch all external libraries that mass up
with this mask (spice, for
On 04/29/2013 02:39 PM, Eduardo Otubo wrote:
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1. Reduce whitelist to the optimal subset: Run
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1. Reduce whitelist to the optimal subset: Run various tests on Qemu
with different configurations to reduce to the smallest syscall set
possible; test and send a patch weekly (this is already
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1. Reduce whitelist to the optimal subset: Run various tests on Qemu
with different configurations to reduce to the smallest syscall
Il 26/04/2013 23:07, Paul Moore ha scritto:
3. Debugging and/or learning mode - third party libraries still have the
problem of interfering in the Qemu's signal mask. According to some
previous discussions, perhaps patch all external libraries that mass up
with this mask (spice, for
16 matches
Mail list logo