Y
Hacker News
new
|
ask
|
show
|
jobs
by
londons_explore
974 days ago
So theres nothing preventing OP implementing what they want entirely in userspace with no kernel changes already?
1 comments
jagrsw
974 days ago
malloc can use mmap (aside from s/brk) - it's impossible these days to sandbox any more complex program and not allow mmap (arguments can be limited though to only a subset of flags).
link
londons_explore
974 days ago
But that would be the same for both this proposed mseal() and my proposed seccomp solution.
link