Re: [PATCH] kconfig: consolidate arch-specific seccomp options

From: Dave Hansen
Date: Thu Jan 30 2014 - 11:48:52 EST


On 01/30/2014 12:55 AM, Ingo Molnar wrote:
>> > + This kernel feature is useful for number crunching applications
>> > + that may need to compute untrusted bytecode during their
>> > + execution. By using pipes or other transports made available to
> I'd change and simplify the first sentence to:
>
>> > + This kernel feature is useful to sandbox runtimes that need
>> > + to execute untrusted machine code.
> Seccomp isn't primarily about number crunching anymore, and it's
> definitely not about 'bytecode' in the classical sense either.

I'll change that if I need to send it again. Otherwise, I'll leave it
to the folks who actually know something about the feature, which isn't me.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/