[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-1.7] seccomp: setting "-sandbox on" by defau
Re: [Qemu-devel] [PATCH for-1.7] seccomp: setting "-sandbox on" by default
Fri, 22 Nov 2013 16:48:41 +0100
On Fri, Nov 22, 2013 at 09:44:42AM -0500, Paul Moore wrote:
> On Friday, November 22, 2013 11:39:31 AM Stefan Hajnoczi wrote:
> > On Thu, Nov 21, 2013 at 10:48:58AM -0500, Paul Moore wrote:
> > > I'm always open to suggestions on how to improve the development/debugging
> > > process, so if you have any ideas please let me know.
> > The failure mode is terrible:
> Glad to see you don't feel strongly about things.
Sorry for the rant :). I know you and Eduardo understand the issues and
have already been working on them.
I hope hearing it from a developer who isn't following seccomp is useful
though. It shows which issues stick out and hinder usability. Users
will only be happy with seccomp when it works silently behind the
scenes. Developers will only be happy with seccomp if it's easy and
rewarding to support/debug.