|
|
|
|
|
|
by jollyllama
407 days ago
|
|
|
> so theres a temptation to put most of the logic into userland code and then share information with the kernel component- but then it’s dangerous for the same reason that crowdstrike was. I don't understand, how could crowdstrike have avoided their issues by putting more code in the kernel? Or am I misreading your statement? |
|
|
If they had not tried to parse data inside the kernel it would not have been an issue.