Comment by arminiusreturns

Very cool and fun.

I do worry about running so much stuff in kernel space though. Imagine a widespread 0day that hits the kernel, or kernel panics causing kernel crashes that require reboots, the user space priv escalation, etc...

Are you doing fail-open or fail-closed? I've been on the fence on that.