Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Asmod4n
7 months ago
|
parent
|
context
|
favorite
| on:
How to handle people dismissing io_uring as insecu...
There should be no issue with disabling it altogether by banning its setup and usage syscalls.
holowoodman
7 months ago
|
next
[–]
Which would be prone to misconfiguration, accidents and exploits. Better to not include it at all.
Asmod4n
7 months ago
|
parent
|
next
[–]
Are you saying it’s impossible to misuse disabling the accept syscall but it’s prone to misconfiguration with disabling io_uring_enter?
holowoodman
7 months ago
|
root
|
parent
|
next
[–]
I'm saying that just compiling a kernel with stuff not compiled in is misuse-proof. That way you can disable io_uring entirely (but not accept()).
accelbred
7 months ago
|
prev
[–]
Yup, but that leads to io-uring devs complaining that people dislike software using io-uring because it doesn't run in containers/etc blocking io-uring entirely
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
