Re: RFC: seccomp-bpf support
| From | Andres Freund |
|---|---|
| Subject | Re: RFC: seccomp-bpf support |
| Date | |
| Msg-id | 20190828181045.b5lxugrynxqzz2jc@alap3.anarazel.de |
| In response to | Re: RFC: seccomp-bpf support (Joe Conway <mail@joeconway.com>) |
| List | pgsql-hackers |

Hi,

On 2019-08-28 13:28:06 -0400, Joe Conway wrote:
> > To compute the initial set of allowed system calls, you need to have
> > fantastic test coverage. What you don't want is some rarely used error
> > recovery path to cause a system crash. I wouldn't trust our current
> > coverage for this.
>
> So if you are worried about that make your default action 'log' and
> watch audit.log. There will be no errors or crashes of postgres caused
> by that because there will be no change in postgres visible behavior.

But the benefit of integrating this into postgres becomes even less
clear.

> And if returning an error from a syscall causes a crash that would be a
> serious bug and we should fix it.

Err, there's a lot of syscall failures that'll cause PANICs, and where
there's no reasonable way around that.

Greetings,

Andres Freund