Il 19/Ago/2014 17:10 "Tomas Hozza" ha scritto:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hello.
>
> ISC is working on new BIND 9.10 release which includes the seccomp
> functionality. It can be turned on by configuring BIND before build with
> "--enable-seccomp".
>
> ISC asked me to
On 08/19/2014 11:20 AM, Tomasz Torcz wrote:
> On Tue, Aug 19, 2014 at 10:12:31AM -0500, Chris Adams wrote:
>> Once upon a time, Tomas Hozza said:
>>> That's where seccomp kicks in, it acts as a 2nd wall of defence. In case
>>> of a security hole being present in the server process, it goes furthe
On Tue, Aug 19, 2014 at 10:12:31AM -0500, Chris Adams wrote:
> Once upon a time, Tomas Hozza said:
> > That's where seccomp kicks in, it acts as a 2nd wall of defence. In case
> > of a security hole being present in the server process, it goes further
> > than a chroot, it prevents the attacker fr
On Tue 19 Aug 2014 05:12:31 PM CEST, Chris Adams wrote:
> Once upon a time, Tomas Hozza said:
>> That's where seccomp kicks in, it acts as a 2nd wall of defence. In case
>> of a security hole being present in the server process, it goes further
>> than a chroot, it prevents the attacker from makin
Once upon a time, Tomas Hozza said:
> That's where seccomp kicks in, it acts as a 2nd wall of defence. In case
> of a security hole being present in the server process, it goes further
> than a chroot, it prevents the attacker from making socket connections
> orexecuting his code, as his "playing
