Hacker News new | past | comments | ask | show | jobs | submit login

Wow that's extreme. They could broadcast seccomp across thread for older kernels.

One day it's going to be "use Google's fork of the kernel".

Of course, Firefox and others work fine on "older" kernels.




It is a sandbox, you cant trust the threads to apply it I guess, if they have been hacked.

I dont understand why you need to change the seccomp filter after creation though.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: