Wow. I can't believe anyone even bothered adding seccomp to libmagic file(1). ... "file sets up its sandbox early and thus has to allow a ton of system calls (including open and write) ... this sandbox is somewhat useless, because it is way too weak."https://lwn.net/Articles/796108/ …
Hey Bryan, just curious and trying to understand this tweet (I’ve been exploring package system construction recently and it seems like it might be related). What’s it referring to?
-
-
If you read the lwn article link, search for "fakeroot".
-
Great, thanks. Somehow I totally missed the link in the first tweet when reading on my phone.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
