Stuffing the stuff

without getting stuffy
Everything here is my opinion. I do not speak for your employer.
March 2015
April 2015

2015-03-07 »

Oh wow.  This is the first I've heard of seccomp(2), but it looks amazingly elegant.

http://man7.org/linux/man-pages/man2/seccomp.2.html

In particular SECCOMP_SET_MODE_STRICT looks like it would be very easy to use (and pretty easy for any Unix-like kernel to implement) and would be great for things like packet parsers that just read stdin and write stdout.

I'm CEO at Tailscale, where we make network problems disappear.

Why would you follow me on twitter? Use RSS.

apenwarr on gmail.com