
PostgreSQL considers seccomp() filters


Posted Oct 1, 2019 21:03 UTC (Tue) by Cyberax (✭ supporter ✭, #52523)
In reply to: PostgreSQL considers seccomp() filters by rweikusat2
Parent article: PostgreSQL considers seccomp() filters

> The kernel is a program. Consequently, it has bugs and considering that it's a C program, it should have lots of bugs.
Indeed. And that's the main motivator for seccomp filtering, to make sure that as little kernel is exposed to a potential attacker as possible.

> hence, there's no reason to assume that any particular subset of the available system calls is 'safer' than any other subset.
Not quite. Objectively some system calls are exercised much less than others. Additionally, some system calls make no sense at all for Postgres (e.g. vm86) but present a clear threat because they exercise rarely used codepaths and hardware paths.

