Hi Rich, On 8/13/20 6:24 PM, Rich Felker wrote:
I noticed while reading seccomp(2) today that the example code still uses SECCOMP_RET_KILL. This is unsafe in a multithreaded process and should be considered deprecated -- having a thread asynchronously cease to exist inherently leaves the process in a permanently inconsistent and possibly corrupt state. The example should be updated to use SECCOMP_RET_KILL_PROCESS and a note that SECCOMP_RET_KILL[_THREAD] is unsafe and deprecated should probably be added as well.
Thanks. Both things now fixed. I added a warning note that pretty much uses your wording in the first paragraph. Thanks, Michael