-
-
Replying to @jessfraz
you've got a good point. i don't think we meant to imply that things as they are are insecure. i'm going to make some suggestions for adjusting our messaging.
1 reply 1 retweet 5 likes -
Replying to @hugelgupf @jessfraz
let me rephrase that, cause i am bad at words, too. i think we did mean to imply that, but it's because we have a different threat model in which we want to trust the linux kernel as little as possible. it's going to take some iterations to express this (for me at least)
2 replies 0 retweets 4 likes -
Replying to @hugelgupf @jessfraz
Could you expand on your threat model where you want to trust the Linux kernel as little as possible? Google has entire teams working on the kernel so I'm not sure what you gain from that alone.
1 reply 0 retweets 1 like -
Replying to @uiri00 @hugelgupf
they literally have teams that wrote seccomp in the kernel as well :)
3 replies 0 retweets 3 likes -
Let me add as context that the gVisor team is actually part of Google's (tech infra) kernel team. I think the tldr (as I understand it) is that the kernel is ever-expanding in size and represents a large attack surface, regardless of the quality of security mechanisms in place
1 reply 1 retweet 2 likes
and there have been security bugs in syscalls like, for example, mincore(). the beauty of C: you can easily have security bugs in functions that look as if they should be completely unrelated to security
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.