rapist nigger child porn on Nostr: cinerion Jesus, what a mess. i didn't know debian was like that either >jails or some ...
cinerion (npub1nts…y4mr) Jesus, what a mess. i didn't know debian was like that either
>jails or some form of containerization?
no.
theres pledge(2) and unveil(2), which limit system calls and filesystem access to programs that use it respectively. but the program/service has to be compiled with it. vmm(4) for virtualization and chroot are there too
best you could do to "isolate" services would be to create a homedir and user for each one, probably
i do recommend doe, piss easy to use and maintain. plus security and epeen. and nigga fish lips
>jails or some form of containerization?
no.
theres pledge(2) and unveil(2), which limit system calls and filesystem access to programs that use it respectively. but the program/service has to be compiled with it. vmm(4) for virtualization and chroot are there too
best you could do to "isolate" services would be to create a homedir and user for each one, probably
i do recommend doe, piss easy to use and maintain. plus security and epeen. and nigga fish lips