On Thu 2017-01-12 17:13:25, Florian Weimer wrote:
> On 01/03/2017 09:54 PM, Pavel Machek wrote:
> >...actually, with strace and batched interface, it will be impossible
> >to see what is going on because of races. So I'm not sure if I like
> >the batched interface at all...
> 
> I'm not sure if I understand this problem.
> 
> ioctl, fcntl, most socket system calls, even open all have this problem as
> well, right?

Yes, ioctl() and similar are problematic. Still it is possible to
implement secure sandbox using ptrace. Dealing with indirect mmap()
would difficult AFAICT.

									Pavel

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html