https://bugzilla.mindrot.org/show_bug.cgi?id=2142
--- Comment #4 from Loganaden Velvindron <[email protected]> --- (In reply to Damien Miller from comment #3) > Sure, but I don't see the point - what's the advantage to using > libseccomp? It looks like it might have some advantages if we were > doing argument inspection, were scared of writing BPF or running a > complex policy but we aren't. Agreed. > The existing seccomp sandbox will work on any system that has > libseccomp and will do the same thing with fewer dependencies and > less code. Adding another sandbox that does exactly the same thing > just means we need to maintain two sets of code instead of one. I see your point ("Reduced attack surface") :-) In that case, it's probably better that i don't spend more time further on this. Thanks. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
