From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:57440)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <coreyb@linux.vnet.ibm.com>) id 1TOrip-00067a-1n
	for qemu-devel@nongnu.org; Thu, 18 Oct 2012 11:09:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <coreyb@linux.vnet.ibm.com>) id 1TOrij-0006Qg-8w
	for qemu-devel@nongnu.org; Thu, 18 Oct 2012 11:09:18 -0400
Received: from e38.co.us.ibm.com ([32.97.110.159]:51622)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <coreyb@linux.vnet.ibm.com>) id 1TOrij-0006QZ-2H
	for qemu-devel@nongnu.org; Thu, 18 Oct 2012 11:09:13 -0400
Received: from /spool/local
	by e38.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only!
	Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <coreyb@linux.vnet.ibm.com>;
	Thu, 18 Oct 2012 09:09:11 -0600
Received: from d03relay02.boulder.ibm.com (d03relay02.boulder.ibm.com
	[9.17.195.227])
	by d03dlp02.boulder.ibm.com (Postfix) with ESMTP id BE0063E4007D
	for <qemu-devel@nongnu.org>; Thu, 18 Oct 2012 09:08:43 -0600 (MDT)
Received: from d03av01.boulder.ibm.com (d03av01.boulder.ibm.com [9.17.195.167])
	by d03relay02.boulder.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	q9IF8bQd213720
	for <qemu-devel@nongnu.org>; Thu, 18 Oct 2012 09:08:39 -0600
Received: from d03av01.boulder.ibm.com (loopback [127.0.0.1])
	by d03av01.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP
	id q9IF8aVb016006
	for <qemu-devel@nongnu.org>; Thu, 18 Oct 2012 09:08:37 -0600
Message-ID: <50801B72.5050809@linux.vnet.ibm.com>
Date: Thu, 18 Oct 2012 11:08:34 -0400
From: Corey Bryant <coreyb@linux.vnet.ibm.com>
MIME-Version: 1.0
References: <1350479712-15082-1-git-send-email-otubo@linux.vnet.ibm.com>
	<1350479712-15082-2-git-send-email-otubo@linux.vnet.ibm.com>
In-Reply-To: <1350479712-15082-2-git-send-email-otubo@linux.vnet.ibm.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 2/4] Setting "-sandbox on" as deafult
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Eduardo Otubo <otubo@linux.vnet.ibm.com>
Cc: pmoore@redhat.com, aliguori@us.ibm.com, qemu-devel@nongnu.org

I think it's worth nothing that Eduardo is planning to submit a separate 
patch providing (commented out?) code that will allow developers to 
easily determine the syscalls that need to be added to the whitelist. 
That is, if QEMU is being killed by seccomp due to disallowed syscall usage.

-- 
Regards,
Corey Bryant