[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of
From: |
Stefan Monnier |
Subject: |
Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073) |
Date: |
Tue, 25 Jan 2022 16:40:34 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux) |
> Just to clarify this, nothing here has really broken Emacs. Emacs itself
> doesn't depend on libseccomp or the specific seccomp filter at all. It's
> just that newer versions of glibc will occasionally add new syscalls which
> will then need to get added to seccomp filters for sandboxing to continue
> working; the sandbox can only be secure if it fails-close (i.e. exits the
> process when encountering an unknown syscall).
Maybe you need to clarify what "makes Emacs crash" means, then.
To clarify, my understanding so far based on your description (and my
lack of understanding of how seccomp is currently used in Emacs) is that
an Emacs built with support for seccomp would be 100% unusable without
the recent adjustment, when run on a system using a new glibc.
If that is not the case, then please clarify in which circumstances the
problem shows up. If it is the case, then it means we may need a way
for users to update the seccomp filter without recompiling&reinstalling
Emacs, so they can keep using their Emacs-28.1 when glibc is changed
again two years from now.
Stefan
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), (continued)
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Po Lu, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Lars Ingebrigtsen, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Robert Pluim, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Philipp Stephani, 2022/01/25
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/25
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Philipp Stephani, 2022/01/25
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073),
Stefan Monnier <=
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/25
Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Richard Stallman, 2022/01/24