On Fri, Dec 6, 2013 at 4:40 PM, Will Drewry w...@chromium.org wrote:
On Fri, Dec 6, 2013 at 3:13 AM, Stefan Hajnoczi stefa...@gmail.com wrote:
On Thu, Dec 05, 2013 at 10:12:00AM -0600, Will Drewry wrote:
On Thu, Dec 5, 2013 at 7:15 AM, Stefan Hajnoczi stefa...@gmail.com wrote:
On Wed, Dec 04,
On Thu, Dec 05, 2013 at 10:12:00AM -0600, Will Drewry wrote:
On Thu, Dec 5, 2013 at 7:15 AM, Stefan Hajnoczi stefa...@gmail.com wrote:
On Wed, Dec 04, 2013 at 11:21:12AM -0200, Eduardo Otubo wrote:
On 12/04/2013 07:39 AM, Stefan Hajnoczi wrote:
On Fri, Nov 22, 2013 at 11:00:24AM -0500, Paul
On Fri, Dec 6, 2013 at 3:13 AM, Stefan Hajnoczi stefa...@gmail.com wrote:
On Thu, Dec 05, 2013 at 10:12:00AM -0600, Will Drewry wrote:
On Thu, Dec 5, 2013 at 7:15 AM, Stefan Hajnoczi stefa...@gmail.com wrote:
On Wed, Dec 04, 2013 at 11:21:12AM -0200, Eduardo Otubo wrote:
On 12/04/2013 07:39
On Wed, Dec 04, 2013 at 11:21:12AM -0200, Eduardo Otubo wrote:
On 12/04/2013 07:39 AM, Stefan Hajnoczi wrote:
On Fri, Nov 22, 2013 at 11:00:24AM -0500, Paul Moore wrote:
Developers will only be happy with seccomp if it's easy and rewarding to
support/debug.
Agreed.
As a developer, how do
On Thu, Dec 5, 2013 at 7:15 AM, Stefan Hajnoczi stefa...@gmail.com wrote:
On Wed, Dec 04, 2013 at 11:21:12AM -0200, Eduardo Otubo wrote:
On 12/04/2013 07:39 AM, Stefan Hajnoczi wrote:
On Fri, Nov 22, 2013 at 11:00:24AM -0500, Paul Moore wrote:
Developers will only be happy with seccomp if it's
On Fri, Nov 22, 2013 at 11:00:24AM -0500, Paul Moore wrote:
Developers will only be happy with seccomp if it's easy and rewarding to
support/debug.
Agreed.
As a developer, how do you feel about the audit/syslog based approach I
mentioned earlier?
I used the commands you posted (I
The existing approach clearly doesn't support the full range of options
that users specify on the command-line.
Bugs. It will get fixed in time with more testing/debugging. Eduardo is
working on improving the testing and RH's QA folks are working hard to shake
out the bugs too. I just
On 12/04/2013 07:39 AM, Stefan Hajnoczi wrote:
On Fri, Nov 22, 2013 at 11:00:24AM -0500, Paul Moore wrote:
Developers will only be happy with seccomp if it's easy and rewarding to
support/debug.
Agreed.
As a developer, how do you feel about the audit/syslog based approach I
mentioned
On 12/04/2013 08:21 AM, Eduardo Otubo wrote:
On 12/04/2013 07:39 AM, Stefan Hajnoczi wrote:
On Fri, Nov 22, 2013 at 11:00:24AM -0500, Paul Moore wrote:
Developers will only be happy with seccomp if it's easy and
rewarding to
support/debug.
Agreed.
As a developer, how do you feel about
On Wed, Oct 30, 2013 at 11:04:39AM +0100, Stefan Hajnoczi wrote:
On Wed, Oct 23, 2013 at 12:42:34PM -0200, Eduardo Otubo wrote:
On 10/22/2013 11:00 AM, Anthony Liguori wrote:
On Tue, Oct 22, 2013 at 12:21 PM, Eduardo Otubo
ot...@linux.vnet.ibm.com wrote:
Inverting the way sandbox handles
On Thu, Nov 21, 2013 at 10:48:58AM -0500, Paul Moore wrote:
On Thursday, November 21, 2013 04:14:11 PM Paolo Bonzini wrote:
Il 30/10/2013 11:04, Stefan Hajnoczi ha scritto:
On Wed, Oct 23, 2013 at 12:42:34PM -0200, Eduardo Otubo wrote:
On 10/22/2013 11:00 AM, Anthony Liguori wrote:
On
On Friday, November 22, 2013 11:34:41 AM Stefan Hajnoczi wrote:
IMO this seccomp approach is doomed since QEMU does not practice
privilege separation. QEMU is monolithic so it's really hard to create
a meaningful sets of system calls.
I'm a big fan of decomposing QEMU, but based on previous
On Friday, November 22, 2013 11:39:31 AM Stefan Hajnoczi wrote:
On Thu, Nov 21, 2013 at 10:48:58AM -0500, Paul Moore wrote:
I'm always open to suggestions on how to improve the development/debugging
process, so if you have any ideas please let me know.
The failure mode is terrible:
Glad
On Fri, Nov 22, 2013 at 09:44:42AM -0500, Paul Moore wrote:
On Friday, November 22, 2013 11:39:31 AM Stefan Hajnoczi wrote:
On Thu, Nov 21, 2013 at 10:48:58AM -0500, Paul Moore wrote:
I'm always open to suggestions on how to improve the development/debugging
process, so if you have any
On Friday, November 22, 2013 04:48:41 PM Stefan Hajnoczi wrote:
On Fri, Nov 22, 2013 at 09:44:42AM -0500, Paul Moore wrote:
On Friday, November 22, 2013 11:39:31 AM Stefan Hajnoczi wrote:
On Thu, Nov 21, 2013 at 10:48:58AM -0500, Paul Moore wrote:
I'm always open to suggestions on how to
On Thursday, November 21, 2013 04:14:11 PM Paolo Bonzini wrote:
Il 30/10/2013 11:04, Stefan Hajnoczi ha scritto:
On Wed, Oct 23, 2013 at 12:42:34PM -0200, Eduardo Otubo wrote:
On 10/22/2013 11:00 AM, Anthony Liguori wrote:
On Tue, Oct 22, 2013 at 12:21 PM, Eduardo Otubo
Il 30/10/2013 11:04, Stefan Hajnoczi ha scritto:
On Wed, Oct 23, 2013 at 12:42:34PM -0200, Eduardo Otubo wrote:
On 10/22/2013 11:00 AM, Anthony Liguori wrote:
On Tue, Oct 22, 2013 at 12:21 PM, Eduardo Otubo
ot...@linux.vnet.ibm.com wrote:
Inverting the way sandbox handles arguments, making
On 11/21/2013 01:48 PM, Paul Moore wrote:
On Thursday, November 21, 2013 04:14:11 PM Paolo Bonzini wrote:
Il 30/10/2013 11:04, Stefan Hajnoczi ha scritto:
On Wed, Oct 23, 2013 at 12:42:34PM -0200, Eduardo Otubo wrote:
On 10/22/2013 11:00 AM, Anthony Liguori wrote:
On Tue, Oct 22, 2013 at
On Wed, Oct 23, 2013 at 12:42:34PM -0200, Eduardo Otubo wrote:
On 10/22/2013 11:00 AM, Anthony Liguori wrote:
On Tue, Oct 22, 2013 at 12:21 PM, Eduardo Otubo
ot...@linux.vnet.ibm.com wrote:
Inverting the way sandbox handles arguments, making possible to have no
argument and still have
On 10/22/2013 11:00 AM, Anthony Liguori wrote:
On Tue, Oct 22, 2013 at 12:21 PM, Eduardo Otubo
ot...@linux.vnet.ibm.com wrote:
Inverting the way sandbox handles arguments, making possible to have no
argument and still have '-sandbox on' enabled.
Signed-off-by: Eduardo Otubo
Inverting the way sandbox handles arguments, making possible to have no
argument and still have '-sandbox on' enabled.
Signed-off-by: Eduardo Otubo ot...@linux.vnet.ibm.com
---
The option '-sandbox on' is now used by default by virt-test[0] -- it has been
merged into the 'next' branch and will
On Tue, Oct 22, 2013 at 12:21 PM, Eduardo Otubo
ot...@linux.vnet.ibm.com wrote:
Inverting the way sandbox handles arguments, making possible to have no
argument and still have '-sandbox on' enabled.
Signed-off-by: Eduardo Otubo ot...@linux.vnet.ibm.com
---
The option '-sandbox on' is now
22 matches
Mail list logo
