On Mon, Sep 27, Cristian Rodríguez wrote:
Yes, it is easy to understand it backwards.. glibc only guarantees binary level compatibility and adherence to the relevant standards, it does not cover which operating system facilities it uses for implementing things. Now it implements stuff on top of the extremely powerful newish clone3() syscall and some apps do not like that.
The problem is more: too many people did not take it seriously enough that glibc will use clone3() in the future. Some projects were sitting for about 6 months on fixes but did not include them or release fixed packages...

The main problem is that most projects using seccomp for sandboxing don't really think about the future, but only the past. So they look at what is currently in use and forbid everything else with "ENOPERM". And are surprised if suddenly new syscalls are added and their code breaks applications.

It would always be better to block unknown syscalls with "ENOSYS", so letting the application think the new syscall still does not exist. This gives the application (or in this case better glibc) the chance to use the old code as fallback.

As long as the sandbox developers don't make their code future-proof, we will have this problem again and again with every new syscall.

Thorsten

--
Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg)
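The difference between the two default actions, as an added example that is not part of the original message or of any project's code: the same constructed seccomp allowlist is built twice, once denying unlisted syscalls with EPERM and once with ENOSYS, and a small offline walk of the filter shows what a clone3() caller would see. The names `deny_eperm`, `deny_enosys`, `seen_errno` and `thread_creation_works` are hypothetical, and the fallback is a simplified model of the behaviour described above.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/syscall.h>
#ifndef SYS_clone3
#define SYS_clone3 435 /* for kernel headers that predate clone3 */
#endif

/* Constructed allowlist: the syscalls "in use" when the sandbox was written. */
#define ALLOW(nr) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), \
                  BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)
/* Policies differ only in the default; a deployed filter also checks seccomp_data.arch. */
#define POLICY(err) { \
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)), \
    ALLOW(SYS_read), ALLOW(SYS_write), ALLOW(SYS_clone), ALLOW(SYS_exit_group), \
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | ((err) & SECCOMP_RET_DATA)) }
static const struct sock_filter deny_eperm[]  = POLICY(EPERM);
static const struct sock_filter deny_enosys[] = POLICY(ENOSYS);
#define LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Offline walk of the filter for syscall `nr`: returns the errno the caller
 * would see, 0 if allowed. Handles only the instructions POLICY emits. */
static int seen_errno(const struct sock_filter *f, size_t n, unsigned int nr)
{
    for (size_t pc = 0; pc < n; pc++) {
        if (f[pc].code == (BPF_JMP | BPF_JEQ | BPF_K))
            pc += (nr == f[pc].k) ? f[pc].jt : f[pc].jf;
        else if (f[pc].code == (BPF_RET | BPF_K))
            return (f[pc].k & SECCOMP_RET_ACTION) == SECCOMP_RET_ERRNO
                       ? (int)(f[pc].k & SECCOMP_RET_DATA) : 0;
    }
    return -1; /* no RET reached: malformed filter */
}

/* Simplified model of the fallback: retry with clone() only on ENOSYS. */
static int thread_creation_works(const struct sock_filter *f, size_t n)
{
    int e = seen_errno(f, n, SYS_clone3);
    return e == 0 || (e == ENOSYS && seen_errno(f, n, SYS_clone) == 0);
}

int main(void)
{
    printf("EPERM default:  works=%d\n", thread_creation_works(deny_eperm, LEN(deny_eperm)));
    printf("ENOSYS default: works=%d\n", thread_creation_works(deny_enosys, LEN(deny_enosys)));
    return 0;
}
```

Either array could be installed with `prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, ...)` after adding the architecture check; the walk here only makes the two outcomes checkable without installing a filter.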