thaddeus e. grugq thegrugq@infosec.exchange · Feb 14, 2019 · 2:55 AM UTC

thaddeus e. grugq thegrugq@infosec.exchange

thaddeus e. grugq thegrugq@infosec.exchange

@thegrugq

14 Feb 2019

Looks like @paxteam was right by a decade... as usual.

Robert Swiecki

@robertswiecki

12 Feb 2019

The amount of people who trully understand (like, with knowing what's inside the kernel) all code interactions when creating/manipulating namespaces is IMO not that great. (btw, @_tsuro is one of them). Seems like ns's were created for functionality/features, not for security.

PaX Team · Feb 15, 2019 · 1:50 PM UTC

PaX Team · Feb 15, 2019 · 1:50 PM UTC

PaX Team @paxteam

15 Feb 2019

Replying to @thegrugq

me? :) it was spender who has always been a vocal critic of the often badly thought out and then even more badly implemented namespaces. you'd think that a decade of collective kernel dev brainpower would have been enough to sort out the mess by now but alas...

Feb 15, 2019 · 1:50 PM UTC

thaddeus e. grugq thegrugq@infosec.exchange · Feb 15, 2019 · 2:28 PM UTC

thaddeus e. grugq thegrugq@infosec.exchange

@thegrugq

15 Feb 2019

Replying to @paxteam

I am sure that it was you who said “I can reason about the safety of only this kernel version <X.Y>, after that there are namespaces and all sorts of crap. Who knows what it does anymore”