Local root vulnerability in snap-confine
Local root vulnerability in snap-confine
Posted Feb 21, 2022 16:37 UTC (Mon) by nybble41 (subscriber, #55106)In reply to: Local root vulnerability in snap-confine by judas_iscariote
Parent article: Local root vulnerability in snap-confine
> What is actually wanted is system calls, that return unambigous, well defined data..
We have the system calls (open, read, write). What is missing is the "unambiguous, well-defined data". Given an appropriate serialization format there is nothing wrong with communicating the data through /proc. I see no need to restrict access to languages with support for making special-purpose system calls.