On Monday, 4 May 2026 at 19:51, Eric Biggers <[email protected]> wrote:
> On Mon, May 04, 2026 at 04:07:45PM +0000, Ⓐlï P☮latel wrote: > > Syd sandbox uses AF_ALG zero-copy for its Force Sandboxing[1] and Crypt > > Sandboxing[1]. > > Zero-copy means Syd does not have to copy sandbox process data into its own > > address > > space providing safety and security. Switching to read/write rather than > > pipes and > > splice breaks a fundamental safety guarantee for the sandbox. Please do not > > break > > userspace. > > > > Will sendfile(2) continue to work? > > > > [1]: https://man.exherbo.org/syd.7.html#Force_Sandboxing > > [2]: https://man.exherbo.org/syd.7.html#Crypt_Sandboxing > > It's very unclear what that feature (which I don't think anyone knew > even existed) is trying to accomplish. Regardless, this patch doesn't > break the splice or sendfile syscalls. It just makes them run a bit > more slowly since the kernel will copy the data internally. So I think > your concern isn't justified. > > > How can i test? Please help me. > > If this is a feature you care about, perhaps you know how to test it? Thank you very much for the explanation and excuse me I panicked. > - Eric > Best, Ali
publickey - [email protected] - 0x55838BF3.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
