Y
Hacker News
new
|
ask
|
show
|
jobs
by
wpm
136 days ago
I'm surprised that given Apples love of sandboxing, especially on iOS, that XNU doesn't have something similar to namespaces or jails.
1 comments
bjoli
136 days ago
IIRC they went for policy based sandboxing with Seatnelt and SIRP. That is pretty darn nice for gui apps, but not very good for things like containers.
link