Y
Hacker News
new
|
ask
|
show
|
jobs
by
Asmod4n
327 days ago
There should be no issue with disabling it altogether by banning its setup and usage syscalls.
2 comments
holowoodman
327 days ago
Which would be prone to misconfiguration, accidents and exploits. Better to not include it at all.
link
Asmod4n
327 days ago
Are you saying it’s impossible to misuse disabling the accept syscall but it’s prone to misconfiguration with disabling io_uring_enter?
link
holowoodman
323 days ago
I'm saying that just compiling a kernel with stuff not compiled in is misuse-proof. That way you can disable io_uring entirely (but not accept()).
link
accelbred
327 days ago
Yup, but that leads to io-uring devs complaining that people dislike software using io-uring because it doesn't run in containers/etc blocking io-uring entirely
link