Y
Hacker News
new
|
ask
|
show
|
jobs
by
Asmod4n
160 days ago
Ain’t eBPF hooks there so you can limit what a cgroup/process can do, not matter what API it’s calling. Like disallowing opening files or connecting sockets altogether.