On Wed, Oct 07, 2015 at 09:24:22AM +0200, Dan Horák wrote: > On Mon, 5 Oct 2015 13:58:26 +0200 > Miroslav Lichvar <mlichvar@xxxxxxxxxx> wrote: > > > In chrony 2.2-pre1 was added support for system call filtering with > > the kernel seccomp facility. In chrony it's mainly useful to reduce > > the damage from attackers who can execute arbitrary code, e.g. prevent > > gaining the root privileges through a kernel vulnerability. > > please keep in mind that libseccomp currently supports only limited set > of architectures - > http://pkgs.fedoraproject.org/cgit/libseccomp.git/tree/libseccomp.spec#n5 > It will change (in Rawhide) after mainline kernel 4.3 release when s390 > and ppc will become supported as well. The chrony spec should now follow that. Thanks. -- Miroslav Lichvar -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
