Comment by matheusmoreira
2 years ago
I worry about that risk as well. I assume that even if Linux were to introduce a mechanism for system call authentication, it would be something lone would be able to use to mark its system call primitive as allowed.
Perhaps. To be fair, I'm not aware of anything on the horizon, other than the fact that OpenBSD has been showing off their pinning implementation.
As long as you know it's a possibility, then the point of my original comment is met.
Good luck on this project. I look forward to seeing it progress.
Thank you!