On Sat, Jun 5, 2021 at 11:11 AM Casey Schaufler [off-list ref] wrote:
You have fallen into a common fallacy. The fact that the "code runs"
does not assure that the "system works right". In the security world
we face this all the time, often with performance expectations. In this
case the BPF design has failed [..]
I think it's the lockdown patches that have failed. They did the wrong
thing, they didn't work,
The report in question is for a regression.
THERE ARE NO VALID ARGUMENTS FOR REGRESSIONS.
Honestly, security people need to understand that "not working" is not
a success case of security. It's a failure case.
Yes, "not working" may be secure. But security in that case is *pointless*.
Linus