1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA512 |
3 |
|
4 |
On 02/19/15 21:14, Mike Frysinger wrote: |
5 |
> pro: improved security in daemons (often network) con: some |
6 |
> packages might pull in libseccomp (~250KB) |
7 |
> |
8 |
> there shouldn't be measurable runtime overhead here as the |
9 |
> filtering is done by a JIT in the kernel itself. if the kernel |
10 |
> lacks support for seccomp, daemons generally should fallback at |
11 |
> runtime. if they don't, people should file bugs to get them |
12 |
> fixed. -mike |
13 |
> |
14 |
Yes please |
15 |
|
16 |
- -- |
17 |
Regards, |
18 |
Markos Chandras |
19 |
-----BEGIN PGP SIGNATURE----- |
20 |
Version: GnuPG v2 |
21 |
|
22 |
iQIcBAEBCgAGBQJU5mvTAAoJEPqDWhW0r/LClXUQALYh28hSxoeVXRncPhECQ6P6 |
23 |
Hojd6B4o0Gm1fRPJR5COB7OHJesn3395lMALID106cXRlDp4YXj6na/WQ8JY05wJ |
24 |
hArQKxeEZOhOiXqWQPHFPNTXYk/92Xnkn+PWek0mmePn6hrRF8yv56v6KkvsFjr5 |
25 |
gZgWMG3ZOsuxUkf0fjPhZpwQMNvAbioQBxA2LXF3wD3qW5NNXdglLxKvd9yRBe5D |
26 |
C5eqnKy90Y/f5l3x00k4UImDAOyn3nnCR4BXZD+LoCwTGLQOuLWE1/2I8O50lf2I |
27 |
zbtgW3r5HSey5FP57gyGoVQynH21f2w5QcyXogmqvO0LXEoUmJ3GXzTKik1G0jXt |
28 |
WXn/ta+T3ILU9ogJGrbCcaGlSryRM9Wc5j7r8AY+Q6gkzwEwOmWe2lSlqR0ppQfu |
29 |
amCTKtAx31RJhnhhJFec3CN/D8mqteEvKcrPUIk1ManVhAqbzZhSgwPF/dQWsjqe |
30 |
JVDYhCt0VH1c2ckAeAxtDu0Nr914/ayFFx/k5WDWkE7SfTkQBa9K3zCs74arTq6r |
31 |
dczN8WJmG6wpVK65EiF5UbjuIaS+bQiOKpsODbgx/2uBMp82O+ISc+hUNZfFqu5Y |
32 |
khIgLP9P0Mq/VmHHfzN+ptmd5DNAFBBsZg5F3YKiVbIOq/ThTAos4i9Aq28ocFMH |
33 |
B0aRyvwyhCyJmv3kRYze |
34 |
=OIhP |
35 |
-----END PGP SIGNATURE----- |