Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.satoshishop.de/users/mk/statuses/111844689886334329">mk (mk@mastodon.satoshishop.de)'s status on Tuesday, 30-Jan-2024 20:35:34 JST</a><a href="https://mastodon.satoshishop.de/@mk" title="mk@mastodon.satoshishop.de"><img src="https://gnusocial.jp/avatar/78235-48-20221221014052.webp" width="48" height="48" alt="mk" style="position: absolute; left: 0; top: 0;">mk</a><div><a href="https://qoto.org/@bonifartius/111844520435528487" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/48106" title="theorytoe@ak.kyaruc.moe">T man :sex: :puffgiga: :puffpowerroll:</a></li><li><a href="https://gnusocial.jp/user/239051" title="rgbcube@poa.st">RGBCube</a></li></ul></div></section><article><p><a href="https://qoto.org/@bonifartius">@bonifartius</a> <a href="https://poa.st/users/RGBCube">@RGBCube</a> <a href="https://ak.kyaruc.moe/users/theorytoe">@theorytoe</a> </p><p>are these two technologies making a operating system saver from a hijacked/hacked process?</p><p>yes or no.</p><p>- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.</p><p>- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2649344#notice-5260429">In conversation</a><time datetime="2024-01-30T20:35:34+09:00" title="Tuesday, 30-Jan-2024 20:35:34 JST">about a year ago</time> <span>from <span><a href="https://mastodon.satoshishop.de/@mk/111844689886334329" rel="external" title="Sent from mastodon.satoshishop.de via ActivityPub">mastodon.satoshishop.de</a></span></span><a href="https://mastodon.satoshishop.de/@mk/111844689886334329">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
mk (mk@mastodon.satoshishop.de)'s status on Tuesday, 30-Jan-2024 20:35:34 JSTmk
in reply to
@bonifartius @RGBCube @theorytoe
are these two technologies making a operating system saver from a hijacked/hacked process?
yes or no.
- namespaces are a copy of a plan9 idea to have composable environments, isolation is a side effect.
- cgroups limit resource usage, might be worthwhile to prevent some daemon going crazy. otoh there already were things in place for that like umask.
In conversationabout a year ago from mastodon.satoshishop.depermalink

Public

Embed Notice

HTML Code

Corresponding Notice