1. 41

  2. 1

    Maybe this is a dummy question, but:

    we depend on operating system features to share as much memory between instances as we can,

    Isn’t this a potential attack vector? Depends on a bug on the underlying system, but, still?

    1. 3

      Everything is an attack vector.

      1. 2

        Sure, if there is a bug in e.g. Linux’s MAP_PRIVATE implementation then it could become an attack vector. If that tradeoff doesn’t make sense for someone then the feature can be disabled.