On Tue, Jan 19, 2016, at 04:16 AM, Nikos Mavrogiannopoulos wrote: > The issue is that blacklists are terrible from a security standpoint. > That means that every new obscure system call added to the kernel will > be available by default in your program. https://github.com/seccomp/libseccomp/issues/11 -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
