by alexgartrell 2051 days ago
I was not aware of object capabilities -- TIL.

That said, looking at the (apparently) leading implementation, Capsicum:

> Capsicum also introduces capability mode, which disables (with ECAPMODE) all syscalls that access any kind of global namespace; this is mostly (but not completely) implemented in userspace as a seccomp-bpf filter.

So I do feel that bpf ultimately enables building the kinds of abstractions that people want.