[catblast01]

People can do whatever they want with seccomp-bpf obviously, but is it really that uncommon to use it for whitelisting? As for kernel vulnerabilities being a weakness of sandboxing in general, if anyone still doesn’t understand that by now it must be willful and I don’t know if they can be helped.

[tptacek]

No matter how you mask off attack surface for the kernel, you're not super likely to want to disable io_uring, is the point I'm making. It's easy to find recent threads here with people sticking up for shared-kernel multitenant isolation.

(Be forewarned that I'm talking my book a bit here, since we have a commercial thingy built on multitenant VMM isolation).

[touisteur]

BTW while on the topic, what do you think about having a heavy host kernel with a guest vmm attached to the network with a hardened firecracker and a dedicated network interface. Would you feel it's 'better' than shared kernel/os + namespaces? Or is it 'smallest hardened root hypervisor or no go'. Not sure I'm making sense...

[tptacek]

The heavyweight host (which is the normal state of affairs) is problematic attack surface; moving the workload into a hardened VMM on that improves security regardless.

[touisteur]

Thanks Thomas for the insight.

[CodesInChaos]

Isn't the standard pattern dropping privileges after the setup is finished?

[catblast01]

> sticking up for shared-kernel multitenant isolation.

Seems like willful snake oil.