[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of
From: |
Eli Zaretskii |
Subject: |
Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073) |
Date: |
Wed, 26 Jan 2022 05:22:51 +0200 |
> From: Philipp Stephani <p.stephani2@gmail.com>
> Date: Tue, 25 Jan 2022 21:09:24 +0100
> Cc: Lars Ingebrigtsen <larsi@gnus.org>,
> Po Lu <luangruo@yahoo.com>,
> Philipp Stephani <phst@google.com>,
> emacs-devel@gnu.org
>
> > It is very worrisome that a change in glibc can break Emacs like that.
> > I wonder what it means for the maintainability of Emacs in the long
> > run. I have a bad feeling about this.
>
> Just to clarify this, nothing here has really broken Emacs. Emacs itself
> doesn't depend on libseccomp or the specific seccomp filter at all. It's
> just that newer versions of glibc will occasionally add new syscalls which
> will then need to get added to seccomp filters for sandboxing to continue
> working; the sandbox can only be secure if it fails-close (i.e. exits the
> process when encountering an unknown syscall).
That is exactly my problem with these situations: sandboxed Emacs
stops working too frequently for that to be a reliable option.
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), (continued)
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Po Lu, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Lars Ingebrigtsen, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Robert Pluim, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/24
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Philipp Stephani, 2022/01/25
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Eli Zaretskii, 2022/01/25
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Philipp Stephani, 2022/01/25
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Stefan Monnier, 2022/01/25
- Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073),
Eli Zaretskii <=
Re: emacs-28 6d3608be88: Seccomp: improve support for newer versions of glibc (Bug#51073), Richard Stallman, 2022/01/24