On Sun, 21 Oct 2018, Pavel Machek wrote: > Imagine JIT running evil code (flash, javascript). JIT will prevent evil > code from doing ptrace() (or maybe there is syscall filter in effect or > something like that), but if evil code can poison branch buffers and do > timings, security problem stays.
JITs sort of remove the traditional unix security domain boundary between mutually (un)trusted code (processess and threads), that's a more general problem, yes. > Do we need prctl(I_DONT_RUN_EVIL_CODE)? That's basically the level of fine-graining Tim's followup patchset (that's currently being discussed) is eventually going to achieve. Thanks, -- Jiri Kosina SUSE Labs