On 02/16/2012 04:51 PM, Andrew Lutomirski wrote: > > IMO the best solution is to have the One True Seccomp Filter Compiler > (tm). It would handle multiple namespaces, cross-arch differences, > and such, and it would do it correctly. It could live in the kernel > tree. > > Without something like that or an incredible amount of special care, > actual portability is probably a pipe dream. > > --Andy > Seconded! -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf. -- To unsubscribe from this list: send the line "unsubscribe linux-arch" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
