sys_writev() isn't permitted if SECCOMP_SET_MODE_STRICT is enabled. In @__criu__, we have a test which fails with @musllibc and works with glibc.https://twitter.com/vagin_andrey/status/1001985524855394305 …
-
-
I disagree that it's not a good idea. Assuming stdio won't do anything incompatible with strict (nonfilter) seccomp is unreasonable. I would go so far as to say assuming anything works with strict is unreasonable.
1 reply 0 retweets 0 likes -
Replying to @RichFelker @vagin_andrey and
For example setprocmask is needed internally for lots of things, and some awful archs even need syscalls for get_thread_area or cmpxchg.
1 reply 0 retweets 1 like -
Replying to @RichFelker @vagin_andrey and
wait, SECCOMP_SET_MODE_STRICT disallows sys_sigprocmask()? what the actual hell?
1 reply 0 retweets 1 like
Replying to @bofh453 @vagin_andrey and
Yes. It's so broad as to be utterly useless.
9:20 PM - 22 Jun 2018
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.