The inherent fragility of seccomp()
The inherent fragility of seccomp()
Posted Nov 11, 2017 3:37 UTC (Sat) by patrakov (subscriber, #97174)In reply to: The inherent fragility of seccomp() by nix
Parent article: The inherent fragility of seccomp()
I believe the current situation has some similarity to the decade-old sendmail bug:
https://sites.google.com/site/fullycapable/Home/thesendma...
https://sites.google.com/site/fullycapable/Home/thesendma...
There, it was also a syscall failing, that could not fail previously (with sendmail not checking the return), due to a new security mechanism (capabilities).