Re: tarball/patch signature files

From: Valdis . Kletnieks
Date: Tue Oct 25 2011 - 05:14:07 EST

On Tue, 25 Oct 2011 10:27:05 +0200, "H. Peter Anvin" said:

> It would be a very good thing for people to develop tools to run
> compressors and decompressors in locked-down boxes. It should be
> possible to run these kinds of programs without access to either network
> or filesystem; only read from stdin and out on stdout (and presumably
> stderr for errors.) This would solve problems for much more than just

Wasn't there once a kernel hack called seccomp, that only allowed read syscalls
on stdin and writes on stdout and that was it? ;)

Attachment: pgp00000.pgp
Description: PGP signature