by codedokode 458 days ago
Bubblewrap is very limited; for example, it doesn't allow granting access to /proc/self/exe without giving access to the whole /proc subsystem. So I had to write an emulation of /proc in Python and mount it with FUSE to work around this. I wonder if this issue is fixed in landlock, firejail and others.

Also, bubblewrap cannot ask for a decision at runtime: you must set up the rules beforehand.


Emulating /proc isn't super interesting when you can simply enter a new process namespace.
This doesn't allow hiding things like /proc/cpuinfo or /proc/cmdline or /proc/modules etc.
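The thread above contrasts two things: sharing the host's /proc into the sandbox (which exposes every host process) versus giving the sandboxed program its own procfs in a new PID namespace (which makes /proc/self/exe work while hiding other processes, but, as the last reply notes, still leaves global files like /proc/cpuinfo readable). The following is an added example, not code from the thread or from the bubblewrap project: a bwrap invocation that does the latter, plus a small lint over a bwrap argument list that flags the weak pattern. The bind-mounted paths and the sandboxed command are assumptions for illustration.

```shell
# Added example (not from the thread): private-PID-namespace sandbox with bwrap,
# and a lint for bwrap argument lists. Mounted paths are assumptions.

# Run "$@" inside bubblewrap with its own PID namespace and a freshly mounted
# procfs. /proc/self/exe resolves normally, but no host process is visible.
# Caveat from the thread: global entries such as /proc/cpuinfo, /proc/cmdline
# or /proc/modules are still readable; a PID namespace hides processes, not
# the kernel's global procfs files.
run_with_private_proc() {
    bwrap --ro-bind /usr /usr \
          --symlink usr/lib /lib --symlink usr/lib64 /lib64 --symlink usr/bin /bin \
          --dev /dev --tmpfs /tmp \
          --unshare-all --die-with-parent \
          --proc /proc \
          "$@"
}

# Lint a bwrap argument list given one argument per line on stdin.
# Exit status: 1 if the host's /proc is bind-mounted into the sandbox
# (the weak pattern), 2 if --proc is used without a new PID namespace
# (a fresh procfs in the host's PID namespace still shows every host
# process), 0 if the list uses --proc together with --unshare-pid or
# --unshare-all.
lint_bwrap_args() {
    awk '
        $0 == "--bind" || $0 == "--ro-bind" || $0 == "--dev-bind" { expect_src = 1; next }
        expect_src { if ($0 == "/proc") bind_proc = 1; expect_src = 0; next }
        $0 == "--proc" { uses_proc = 1 }
        $0 == "--unshare-pid" || $0 == "--unshare-all" { new_pidns = 1 }
        END {
            if (bind_proc) exit 1
            if (uses_proc && !new_pidns) exit 2
            exit 0
        }'
}

# Usage (requires bwrap; shows how few PIDs the sandbox sees and that
# /proc/cpuinfo is nevertheless readable):
#   run_with_private_proc sh -c 'ls -d /proc/[0-9]* | wc -l; head -n 1 /proc/cpuinfo'
# Lint an argument list:
#   printf '%s\n' --ro-bind /proc /proc | lint_bwrap_args; echo "status $?"
```

The lint is deliberately strict about `--proc` without `--unshare-pid`: procfs reflects the PID namespace of whoever mounts it, so a "new" procfs mounted from the host namespace is no improvement over bind-mounting the host's /proc.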