GNU bug report logs - #61216
Disabling unprivileged BPF by default in our kernels

Previous Next

Package: guix;

Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>

Date: Wed, 1 Feb 2023 19:46:02 UTC

Severity: normal

Done: Tobias Geerinckx-Rice <me <at> tobias.gr>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: Ekaitz Zarraga <ekaitz <at> elenq.tech>
Cc: help-guix <at> gnu.org, Christian Gelinek <christian.gelinek <at> mailbox.org>
Subject: bug#61216: Disabling unprivileged BPF by default in our kernels
Date: Wed, 01 Feb 2023 20:43:42 +0100

[Message part 1 (text/plain, inline)]
Ekaitz Zarraga 写道:
> What does Debian's kconfig list for 
> CONFIG_BPF_UNPRIV_DEFAULT_OFF?

I've always had this option set to Y in my own kernels, and it has 
never so much as inconvenienced me.  However, I'm not a BPF power 
user.

Does anyone know any serious and concrete drawbacks to setting 
this option in all Guix kernels, to increase default security & 
better align with other major distros?

Kind regards,

T G-R

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 2 years and 87 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.