Y
Hacker News
new
|
ask
|
show
|
jobs
by
superb_dev
296 days ago
Why do they disable io_uring?
2 comments
arianvanp
296 days ago
Sandboxing like gvisor is based on syscalls and iouring makes your code syscallless
link
alpb
295 days ago
Security reasons.
https://news.ycombinator.com/item?id=44632240
There are also other edge cases around cgroups accounting that renders some isolation/throttling mechanisms not fully effective.
link