Using strict filters with minimal system calls whitelisted at the application layer is inherently painful and isn't portable. It doesn't cope with differences across operating systems, upgrades to libraries or different driver libraries. It's great with full system integration.
It works well as a backend for a higher-level sandbox API such as generic sandboxes for command-line apps, graphical apps, servers and isolated processes with a higher-level API for requesting functionality. Libraries need their requirements documented for the application too.