zlacker

[parent] [thread] 0 comments
1. its-su+(OP)[view] [source] 2026-02-07 23:47:22
Outside of VM usage, the answer seems to be (on top of containerization and selinux) writing a tight seccomp filter.

Gleaned from https://github.com/containers/bubblewrap/blob/0c408e156b12dd... and https://github.com/containers/bubblewrap/tree/0c408e156b12dd...

[go to top]