Re: Linux features for wheezy
Hi,
Ben Hutchings wrote:
>> On Sat, 2012-06-02 at 23:47 +0100, Ben Hutchings wrote:
>>> - seccomp filters and no_new_privs (#675615)
>
> Are these still worthwhile for wheezy? We're probably not going to have
> any packaged applications that can use it, although libseccomp is
> included.
chromium-browser in wheezy uses the kernel interface[*]. I think it's
worthwhile.
Thanks,
Jonathan
[*] Noticed because people using 3.5-rc kernels were running into the
bug fixed by 5651721edec2: http://bugs.debian.org/679827
Reply to: