alt Hacker NewsNamespaces are a joke under Linux compared ot 9front. The last exploits under bubblewrap ran the same. OpenBSD has OpenSSH pledge'd and unveil'ed.
Namespaces are a joke under Linux compared ot 9front. The last exploits under bubblewrap ran the same. OpenBSD has OpenSSH pledge'd and unveil'ed.
Don't make the perfect be the enemy of the good. Just because they didn't stop escape via dirtyfrag doesn't make them useless let alone a joke. pledge and unveil are nice, but exactly how effective do you expect them to be against an ssh/sftp server? Maybe you have ssh configured so it can't manipulate user and/or system files, but that isn't typically common usage.