tame(2) is so much easier to wrap my head around, it's unobtrusive.. and from the examples, makes it easy to discover better design idioms.
Replying to @canadianbryan
It's kind of a game, to see where you can reduce tame flags so your program runs without those resources, reorganize so their use is obvious.
Replying to @canadianbryan
@canadianbryan I like the concept but I think it's insufficiently rigorous for full sandboxing, just suitable as hardening/mitigation.
Replying to @RichFelker
@RichFelker It will be used alongside privsep and chroot(2) on OpenBSD, and systrace(4) still has uses. But tame(0) seems rigorous to me.
Replying to @canadianbryan
@canadianbryan Certainly with a 0 argument it's rigorous, but likely useless. I was thinking in comparison to chrome seccomp sandbox.
Replying to @RichFelker
@RichFelker I don't know, but with seccomp you can be too rigorous, or too permissive.. but always be maintaining those fragile lists.
@canadianbryan Agree completely. Chrome's filters are subtly broken with @musllibc still. A better solution is needed.