Talk:Seccomp

This is the talk page for discussing improvements to the Seccomp article.
This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic.
New to Wikipedia? Welcome! Learn to edit; get help.

Article policies

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

Computing: Software Low‑importance

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles

Low

This article has been rated as Low-importance on the project's importance scale.

This article is supported by WikiProject Software (assessed as Low-importance).

This article is supported by WikiProject Computer Security (assessed as Mid-importance).

Things you can help WikiProject Computer Security with:

Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...

Answer question about Same-origin_policy
Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

Linux Mid‑importance

	Linux portal This article is within the scope of WikiProject Linux, a collaborative effort to improve the coverage of Linux on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.LinuxWikipedia:WikiProject LinuxTemplate:WikiProject LinuxLinux articles
Mid	This article has been rated as Mid-importance on the project's importance scale.

This article was nominated for merging with Sandbox (computer security) on September 14, 2015. The result of the discussion was no consensus.

Patents comment is not NPOV[edit]

I feel that the phrase "burdened with patents that aim to restrict the freedoms of grid computing service providers" is not NPOV. Yes, CPUshare has patents, but Andrea says that "the CPUShare project has simply no choice but to try to play best by the current rules of the economy in the hope to succeed." This suggests to me that it is an issue of preventing larger companies from squashing CPUshare by simply creating a much larger service that can easily beat it.

While the ethics of patenting this may be dubious, we should present both sides of the issue, and not put words in Andrea's mouth about the reason for the patents.

-- ThinkingInBinary 13:09, 14 November 2006 (UTC)[reply]

I've removed the sentence in question. In an article about seccomp, it is not particularly relevant anyway, whether CPUShare is covered by patents or not. -- Rune Kock (talk) 23:48, 17 March 2009 (UTC)[reply]

No overhead any more[edit]

With the merging of this patch in the mainline kernel seccomp become a totally zero-overhead feature despite the tsc disable.

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cf99abace7e07dd8491e7093a9a9ef11d48838ed

This further patch even reduces the fixed number of bytes that seccomp takes in the kernel .text:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1d9d02feeee89e9132034d504c9a45eeaf618a3d

So the most recent part of the seccomp article is now incorrect and outdated. And I refrain to comment on the CPUShare part because I've clear conflict of interest, so I'll wait the community to sort it out eventually.

Andrea —Preceding unsigned comment added by 88.149.242.247 (talk • contribs)

Completely redesigned[edit]

Indeed, the whole seccomp mechanism has been dusted off and redesigned since the information in the article. Ris icle (talk) 22:32, 31 May 2012 (UTC)[reply]

Merge into sandbox (computer security)[edit]

The following discussion is closed. Please do not modify it. Subsequent comments should be made in a new section. A summary of the conclusions reached follows.

The result of this discussion was no consensus. — Dsimic (talk | contribs) 10:21, 6 February 2016 (UTC)[reply]

This article is a rather niché topic, and I believe it belongs with sandbox (computer security). My reasoning is this:

It's a rather technical subject, only a small component of an OS with little more interface than a set of system calls, with little opportunity to expand.
It is only one mechanism of sandboxing.
The sandbox (computer security) article is already not very long, and this could be used as an example.

--70.185.221.158 (talk) 13:46, 14 September 2015 (UTC)[reply]

Oppose: seccomp is notable enough on its own to deserve a separate article, and the fact that seccomp is a technical subject changes pretty much nothing regarding its suitability. We also have other sandbox-like mechanisms (AppArmor, for example) that are described in separate articles as purely technical subjects. — Dsimic (talk | contribs) 14:07, 14 September 2015 (UTC)[reply]
Oppose Since currently there is various similar systems in development I think it is important to really differentiate them. Sandboxes can have rather big differences in how they work, what their features are and of course which operating systems they support and which software has implemented them (see the list in the article). I would consider sandboxes a class of software and sandboxing a technique. I agree that if there is sandboxes that barely have users they should be grouped together, but there is a lot one can write about seccomp. For example the history is interesting, that one of the original uses was actually to allow distributed computing with untrusted code. Also it seems to develop, so one might want to add a history, similar to other software projects. For the history parts, etc. I disagree with your first point. I agree with it being only one mechanism, however I think a separate article would probably allow one to go deeper. On the size of the articles I would say that they are simply not written yet. Doing sandboxing the right way (especially on topics like complexity and flexibility) is still a rather new topic. Seccomp is one technology allowing that, but just like I wouldn't put all the software regarding operating system containers (which to some degree and in some areas is a competing technique) into one article I also wouldn't put all the sandboxing technologies into one article. I think there is at least some room for extending both the sandbox and the seccomp article. The focus should maybe lie there, rather than merging the articles. Athaba (talk) 14:03, 10 January 2016 (UTC)[reply]

The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Sydbox section reads like an advert[edit]

The part of the article talking about Sydbox as a user of seccomp is too long as the rest of the list is just a list of users and how they use seccomp whereas that item has a whole paragraph and too many references for a simple list. — Preceding unsigned comment added by Mjaggard (talk • contribs) 09:56, 27 January 2022 (UTC)[reply]

Translated to Japanese[edit]

Hi! I appreciate your wonderful articles. And, I translated this article and create a new Japanese edition. ja:Secure computing mode. Sorry, some of the translation is not completed and under progress, especially "Software using seccomp or seccomp-bpf" section. Best regards, Mr T.I.71 (talk) 10:05, 2 April 2023 (UTC)[reply]