On Sat, Jun 5, 2021 at 11:11 AM Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>
> You have fallen into a common fallacy. The fact that the "code runs"
> does not assure that the "system works right". In the security world
> we face this all the time, often with performance expectations. In this
> case the BPF design has failed [..]
I think it's the lockdown patches that have failed. They did the wrong
thing, they didn't work,
The report in question is for a regression.
THERE ARE NO VALID ARGUMENTS FOR REGRESSIONS.
Honestly, security people need to understand that "not working" is not
a success case of security. It's a failure case.
Yes, "not working" may be secure. But security in that case is *pointless*.
Linus
