On 05/01/2013 01:25 PM, Eduardo Otubo wrote:
On 04/30/2013 12:24 PM, Paul Moore wrote:
On Monday, April 29, 2013 05:52:10 PM Corey Bryant wrote:
On 04/26/2013 05:07 PM, Paul Moore wrote:
[snip]
3. Debugging and/or learning mode - third party libraries still
have the
problem of interferin
On 04/30/2013 12:24 PM, Paul Moore wrote:
On Monday, April 29, 2013 05:52:10 PM Corey Bryant wrote:
On 04/26/2013 05:07 PM, Paul Moore wrote:
[snip]
3. Debugging and/or learning mode - third party libraries still have the
problem of interfering in the Qemu's signal mask. According to some
p
On 05/01/2013 10:13 AM, Paul Moore wrote:
On Tuesday, April 30, 2013 04:28:54 PM Corey Bryant wrote:
Just to be clear, I'm thinking you could launch guests in one of two
different seccomp sandboxed environments:
1) Using the existing and more permissive whitelist where every QEMU
feature work
On Tuesday, April 30, 2013 04:28:54 PM Corey Bryant wrote:
> Just to be clear, I'm thinking you could launch guests in one of two
> different seccomp sandboxed environments:
>
> 1) Using the existing and more permissive whitelist where every QEMU
> feature works:
>
> qemu-kvm -sandbox on,default
On 04/30/2013 02:47 PM, Eduardo Otubo wrote:
On 04/29/2013 07:02 PM, Corey Bryant wrote:
On 04/29/2013 02:39 PM, Eduardo Otubo wrote:
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd l
On 04/29/2013 07:02 PM, Corey Bryant wrote:
On 04/29/2013 02:39 PM, Eduardo Otubo wrote:
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1
On Monday, April 29, 2013 05:52:10 PM Corey Bryant wrote:
> On 04/26/2013 05:07 PM, Paul Moore wrote:
> > [snip]
> >
> >> >3. Debugging and/or learning mode - third party libraries still have the
> >> >problem of interfering in the Qemu's signal mask. According to some
> >> >previous discussions,
On 04/29/2013 02:39 PM, Eduardo Otubo wrote:
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1. Reduce whitelist to the optimal subset: Run v
On 04/26/2013 05:07 PM, Paul Moore wrote:
[snip]
>3. Debugging and/or learning mode - third party libraries still have the
>problem of interfering in the Qemu's signal mask. According to some
>previous discussions, perhaps patch all external libraries that mass up
>with this mask (spice, for
Il 29/04/2013 21:57, Eduardo Otubo ha scritto:
>
>
> On 04/26/2013 07:17 PM, Paolo Bonzini wrote:
>> Il 26/04/2013 23:07, Paul Moore ha scritto:
> 3. Debugging and/or learning mode - third party libraries still
> have the
> problem of interfering in the Qemu's signal mask. According t
On 04/26/2013 07:17 PM, Paolo Bonzini wrote:
Il 26/04/2013 23:07, Paul Moore ha scritto:
3. Debugging and/or learning mode - third party libraries still have the
problem of interfering in the Qemu's signal mask. According to some
previous discussions, perhaps patch all external libraries that
On Monday, April 29, 2013 03:39:57 PM Eduardo Otubo wrote:
> On 04/26/2013 06:07 PM, Paul Moore wrote:
> > On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
> > Also, looking a bit further ahead, it might be interesting to look at
> > removing some of the arch dependent stuff in qemu-secco
On 04/26/2013 06:07 PM, Paul Moore wrote:
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1. Reduce whitelist to the optimal subset: Run various tests on Qemu
with different configuratio
Il 26/04/2013 23:07, Paul Moore ha scritto:
>> > 3. Debugging and/or learning mode - third party libraries still have the
>> > problem of interfering in the Qemu's signal mask. According to some
>> > previous discussions, perhaps patch all external libraries that mass up
>> > with this mask (spice,
On Friday, April 26, 2013 03:39:33 PM Eduardo Otubo wrote:
> Hello folks,
>
> Resuming the sandboxing work, I'd like to ask for comments on the
> ideias I have:
>
> 1. Reduce whitelist to the optimal subset: Run various tests on Qemu
> with different configurations to reduce to the smallest sysc
Hello folks,
Resuming the sandboxing work, I'd like to ask for comments on the
ideias I have:
1. Reduce whitelist to the optimal subset: Run various tests on Qemu
with different configurations to reduce to the smallest syscall set
possible; test and send a patch weekly (this is already bei
16 matches
Mail list logo
