LWN: Comments on "Yet another new approach to seccomp"
https://lwn.net/Articles/475043/

This is a special feed containing comments posted to the individual LWN article titled "Yet another new approach to seccomp".

Fri, 04 Oct 2024 08:38:13 +0000


Yet another new approach to seccomp
https://lwn.net/Articles/507890/
jamesmorris
Tue, 24 Jul 2012 06:51:31 +0000

All great ideas seem "obvious" after the fact.

It's an inspired work of engineering.


architecture independent seccomp policies
https://lwn.net/Articles/507116/
pcmoore
Tue, 17 Jul 2012 18:34:22 +0000

See libseccomp -> https://lwn.net/Articles/494252


architecture independent seccomp policies
https://lwn.net/Articles/499774/
whacker
Fri, 01 Jun 2012 16:57:03 +0000

How does this stop implementing syscalls in their own code?


Yet another new approach to seccomp
https://lwn.net/Articles/475569/
Cyberax
Sun, 15 Jan 2012 22:17:53 +0000

/me runs away screaming


Yet another new approach to seccomp
https://lwn.net/Articles/475546/
liljencrantz
Sun, 15 Jan 2012 10:20:11 +0000

You mean like Lunatik (http://mail-index.netbsd.org/tech-kern/2010/10/05/msg008900.html), the Lua interpreter embedded in the NetBSD kernel?


Yet another new approach to seccomp
https://lwn.net/Articles/475325/
ebiederm
Fri, 13 Jan 2012 01:32:07 +0000

BPF is nice because it is trivial to verify and does not allow backwards branches.

It seems an obvious choice of scripting engine for filtering to me.


Yet another new approach to seccomp
https://lwn.net/Articles/475228/
Cyberax
Thu, 12 Jan 2012 17:44:58 +0000

That's quite a bit of lateral thinking!

So, when are we going to see kernel-mode JavaScript interpreter? :)


architecture independent seccomp policies
https://lwn.net/Articles/475107/
scottt
Thu, 12 Jan 2012 04:03:48 +0000

It seems clear that a small library that knows the syscall calling convention would be highly desirable to go along with this so that security policies can be expressed in an architecture independent way.