The things you're missing: 1. This requires root. 2. eBPF also requires root usu... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		IshKebab 25 days ago \| parent \| context \| favorite \| on: Rex is a safe kernel extension framework that allo... The things you're missing: 1. This requires root. 2. eBPF also requires root usually. As I understand it it was originally meant to be secure enough to allow unprivileged use but Spectre ruined that and now they've given up on that.

p-e-w 25 days ago [–]

How would Spectre, a timing attack that does not require root, affect whether eBPF is safe to run as root?

IshKebab 25 days ago | [–]

It doesn't. Spectre means unprivileged use of eBPF is insecure.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact