[Bug 2142] openssh sandboxing using libseccomp

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Aug 14 06:16:16 EST 2013


--- Comment #2 from Loganaden Velvindron <loganaden at gmail.com> ---
So libseccomp would be "untrusted", similar to kerberos ?

libseccomp has seen steady progress, and I think that it would be nice
if openssh takes advantage of it if it is deployed on a fairly recent
linux system.


Please see page 3 :-)

Capsicum is also working towards a similar approach with libcapsicum &


I'm not suggesting replacing will's seccomp patch, but rather provide
it as an additional build time option that package maintainers can take
advantage of if libseccomp is present.

You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

More information about the openssh-bugs mailing list