Thought: is it possible to run in a chroot, to limit access to things like SSH keys and other files on disk? Or maybe I should be using a container...
Conversation
I've not used this myself yet, but somone pointed it out recently: check out the "bwrap" (bubblewrap) command.
1
1
Also obligatory Nix plug...
Translate Tweet