Re: [PATCH] kconfig: consolidate arch-specific seccomp options

From: Ingo Molnar
Date: Fri Jan 31 2014 - 01:58:20 EST



* Dave Hansen <dave@xxxxxxxx> wrote:

> On 01/30/2014 12:55 AM, Ingo Molnar wrote:
> >> > + This kernel feature is useful for number crunching applications
> >> > + that may need to compute untrusted bytecode during their
> >> > + execution. By using pipes or other transports made available to
> > I'd change and simplify the first sentence to:
> >
> >> > + This kernel feature is useful to sandbox runtimes that need
> >> > + to execute untrusted machine code.
> > Seccomp isn't primarily about number crunching anymore, and it's
> > definitely not about 'bytecode' in the classical sense either.
>
> I'll change that if I need to send it again. Otherwise, I'll leave
> it to the folks who actually know something about the feature, which
> isn't me.

Ok, consider the x86 bits NAK-ed, which is lifted if the text is
updated as well.

Thanks,

Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/