Y
Hacker News
new
|
ask
|
show
|
jobs
by
nathants
1098 days ago
to secure linux, both ebpf and io_ring need to be disabled in kconfig at kernel compile time.
in security insensitive scenarios, they are both interesting tech.
1 comments
tptacek
1098 days ago
Radically different thread models. io_uring is conventionally exposed to unprivileged programs, and eBPF virtually never is.
link
nathants
1098 days ago
isn’t the current linux security mindset that all access is potentially privileged?
link