Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

RHEL kernel.. right. Imho, I'd trust an upstream stable kernel far more than a RHEL one for production which has dozen of feature backports and an internal kABI to maintain.. granted RH has a QA team, but it is still impossible to test everything beforehand.


On the upside, non root users can't insert ebpf code, so its a priv'ed operation, not like other distros.


Isn’t it tied to CAP_BPF on every distro since the 5.8 kernel?

https://mdaverde.com/posts/cap-bpf/


Rhel8 is based on 4.18 RHEL9 is based on 5.14 , i think it still has the same restriction ( kernel.unprivileged_bpf_disabled ).

I reckon Red Hat may duplicate upstreams behavior by RHEL10.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: