On 01/30/2014 12:55 AM, Ingo Molnar wrote: >> > + This kernel feature is useful for number crunching applications >> > + that may need to compute untrusted bytecode during their >> > + execution. By using pipes or other transports made available to > I'd change and simplify the first sentence to: > >> > + This kernel feature is useful to sandbox runtimes that need >> > + to execute untrusted machine code. > Seccomp isn't primarily about number crunching anymore, and it's > definitely not about 'bytecode' in the classical sense either. I'll change that if I need to send it again. Otherwise, I'll leave it to the folks who actually know something about the feature, which isn't me. -- To unsubscribe from this list: send the line "unsubscribe linux-arch" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
