Hacker News new | ask | show | jobs
by hansvm 184 days ago
My understanding is that the iouring CVEs are about local privilege escalation, not being appropriately sandboxed, etc. If you're only running code you trust on machines with iouring enabled then you're fine (give or take "defense in depth").

Is that not accurate?
1 comments
6r17 184 days ago
I really need to properly study the CVEs instead of making some surface judgement tbh - might have to take a look at it again
link