On 3/20/20 11:49 PM, Finn Thain wrote:
I suspect (without evidence) that many m68k systems are actually virtual machines. And the need for container hosting on m68k seems negligible.
It isn't about security. It's about being able to build more packages as some packages have started to make libseccomp support mandatory.
Therefore, there doesn't seem to be a lot of actual benefit from seccomp.
I disagree for the aforementioned reasons.
There are 17 architectures (out of 25) lacking seccomp support. This suggests that the portability issue around this missing feature can't easily be pinned on m68k.
The question is how many of these 17 architectures are actually supported by Debian. If you look at the build results for libseccomp in Debian, you can see that alpha, ia64, m68k, sh and sparc64 are missing the feature, everyone else supports it [1]. Adrian
[1] https://buildd.debian.org/status/package.php?p=libseccomp&suite=sid
-- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaubitz@xxxxxxxxxx `. `' Freie Universitaet Berlin - glaubitz@xxxxxxxxxxxxxxxxxxx `- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
