Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.satoshishop.de/users/mk/statuses/111844689886334329">mk (mk@mastodon.satoshishop.de)'s status on Tuesday, 30-Jan-2024 20:35:34 JST</a><a href="https://mastodon.satoshishop.de/@mk" title="mk@mastodon.satoshishop.de"><img src="https://gnusocial.jp/avatar/78235-48-20221221014052.webp" width="48" height="48" alt="mk" style="position: absolute; left: 0; top: 0;">mk</a><div><a href="https://qoto.org/@bonifartius/111844520435528487" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/48106" title="theorytoe@ak.kyaruc.moe">T man :sex: :puffgiga: :puffpowerroll:</a></li><li><a href="https://gnusocial.jp/user/239051" title="rgbcube@poa.st">RGBCube</a></li></ul></div></section><article><p><a href="https://qoto.org/@bonifartius">@bonifartius</a> <a href="https://poa.st/users/RGBCube">@RGBCube</a> <a href="https://ak.kyaruc.moe/users/theorytoe">@theorytoe</a> </p><p>are these two technologies making a operating system saver from a hijacked/hacked process?</p><p>yes or no.</p><p>- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.</p><p>- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2649344#notice-5260429">In conversation</a><time datetime="2024-01-30T20:35:34+09:00" title="Tuesday, 30-Jan-2024 20:35:34 JST">about 10 months ago</time> <span>from <span><a href="https://mastodon.satoshishop.de/@mk/111844689886334329" rel="external" title="Sent from mastodon.satoshishop.de via ActivityPub">mastodon.satoshishop.de</a></span></span><a href="https://mastodon.satoshishop.de/@mk/111844689886334329">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
mk (mk@mastodon.satoshishop.de)'s status on Tuesday, 30-Jan-2024 20:35:34 JSTmk
in reply to
@bonifartius @RGBCube @theorytoe
are these two technologies making a operating system saver from a hijacked/hacked process?
yes or no.
- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.
- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.
In conversationabout 10 months ago from mastodon.satoshishop.depermalink

Public

Embed Notice

HTML Code

Corresponding Notice