Y
Hacker News
new
|
ask
|
show
|
jobs
by
quotemstr
362 days ago
Wait. What? What escapes? Is it that bubblewrap not faithfully implement the policy you give it or that there are surprising gaps in the kernel's namespace isolation?