Could parse /proc/self/maps if you had a ghostscript memory corruption, evince etc. all call gs in the backend. Heh.
-
-
-
We need to run all this junk inside a container to limit the impact of exploits. To much technical debt to fix every library I think
End of conversation
New conversation -
-
-
I once saw a SQL injection where the output was rendered in an image.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Flatpack aims to do that. Sandboxes using namespaces, bind mounts, cgroups, etc: http://flatpack.org
-
Doesn't use containers because of perf and layering , but the format allows that if people want to implement that.
- 7 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.