Re: seccomp for 2.6.11-rc1-bk8

From: Pavel Machek
Date: Sat Jan 22 2005 - 14:44:21 EST

Next message: Trond Myklebust: "Re: Advise on: panic - Attempting to free lock with active blocklist"
Previous message: Jon Smirl: "Re: Patch to control VGA bus routing and active VGA device."
In reply to: Andrea Arcangeli: "Re: seccomp for 2.6.11-rc1-bk8"
Next in thread: Andrea Arcangeli: "Re: seccomp for 2.6.11-rc1-bk8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> > Well, seccomp is also getting very little testing, when ptrace gets a
> > lot of testing; I know that seccomp is simple, but I believe testing
> > coverage still make ptrace better choice.
>
> It's not testing that makes code more secure. Testing verifys the code
> works in production, but testing almost never helps to find security
> issues, and often not even hidden subtle race conditions. Check how many
> security bugs have been found with testing. Just go to bugtraq count
> them. I simply cannot relay on testing for the security part. I will
> relay on testing for everything else but not for this.

Well, then you can help auditing ptrace()... It is probably also true
that more people audited ptrace() than seccomp :-).
Pavel
--
People were complaining that M$ turns users into beta-testers...
...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Trond Myklebust: "Re: Advise on: panic - Attempting to free lock with active blocklist"
Previous message: Jon Smirl: "Re: Patch to control VGA bus routing and active VGA device."
In reply to: Andrea Arcangeli: "Re: seccomp for 2.6.11-rc1-bk8"
Next in thread: Andrea Arcangeli: "Re: seccomp for 2.6.11-rc1-bk8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]