On Fri, Feb 08, 2013 at 09:44:10AM -0500, Corey Bryant wrote:
>
>
> On 02/05/2013 06:02 AM, Michal Privoznik wrote:
> >Currently, it we call a not white listed system call, we get killed
> >immediately without reporting any error. It would be far more useful,
> >if we can at least shout something
On 02/05/2013 06:02 AM, Michal Privoznik wrote:
Currently, it we call a not white listed system call, we get killed
immediately without reporting any error. It would be far more useful,
if we can at least shout something on stderr just before dying, so
users know it is because of sandbox, not j
Il 06/02/2013 12:25, Daniel P. Berrange ha scritto:
>> > Something is definitely needed to learn the syscall that is killing
>> > QEMU. But I don't think the signal handler approach is going to
>> > work. We tried that and ran into too many situations where signals
>> > were being blocked by libra
On 02/06/2013 09:08 AM, Corey Bryant wrote:
On 02/06/2013 06:13 AM, Michal Privoznik wrote:
On 05.02.2013 15:28, Corey Bryant wrote:
On 02/05/2013 06:02 AM, Michal Privoznik wrote:
Currently, it we call a not white listed system call, we get killed
immediately without reporting any error.
On 02/06/2013 06:13 AM, Michal Privoznik wrote:
On 05.02.2013 15:28, Corey Bryant wrote:
On 02/05/2013 06:02 AM, Michal Privoznik wrote:
Currently, it we call a not white listed system call, we get killed
immediately without reporting any error. It would be far more useful,
if we can at leas
On Tue, Feb 05, 2013 at 09:28:51AM -0500, Corey Bryant wrote:
>
> On 02/05/2013 06:02 AM, Michal Privoznik wrote:
> >Currently, it we call a not white listed system call, we get killed
> >immediately without reporting any error. It would be far more useful,
> >if we can at least shout something on
On 05.02.2013 15:28, Corey Bryant wrote:
>
> On 02/05/2013 06:02 AM, Michal Privoznik wrote:
>> Currently, it we call a not white listed system call, we get killed
>> immediately without reporting any error. It would be far more useful,
>> if we can at least shout something on stderr just before d
On 02/05/2013 06:02 AM, Michal Privoznik wrote:
Currently, it we call a not white listed system call, we get killed
immediately without reporting any error. It would be far more useful,
if we can at least shout something on stderr just before dying, so
users know it is because of sandbox, not ju
Currently, it we call a not white listed system call, we get killed
immediately without reporting any error. It would be far more useful,
if we can at least shout something on stderr just before dying, so
users know it is because of sandbox, not just random quit.
Signed-off-by: Michal Privoznik
-
