* Andrea Arcangeli <[EMAIL PROTECTED]> wrote: > > technical comment: seccomp goes outside the audit/selinux framework, > > which i believe is a bug. Andrea? > > I intentionally left it out of audit/selinux. To the less dependencies > it has on other parts of the kernel and the simpler it is, the better > IMHO. Seccomp should be fixed in stone, people shouldn't go hack on it > every day.
let me put it another way: this is a security hole. seccomp is now a way to evade the auditing of read/write syscalls done to an opened file. Please fix this. Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/