Lennart Poettering on Nostr: …is almost always he better way to sandbox regular services than PrivatePIDs=. ...
…is almost always he better way to sandbox regular services than PrivatePIDs=. (PrivateProc= hides processes, but doesn't renumber them or introduce a new PID 1 with its special semantics. PrivatePIDs= does otoh renumbers and does synthesize a new PID 1).
Anyway, this is all for today!
Published at
2024-12-10 10:47:18Event JSON
{
"id": "6a850dba9e413a9ded9148d1efa56152eb3af69d8c6e5b975e3b139b09b0223d",
"pubkey": "1d95c32d9a9d95a54f98eb2eaa156f3d3a71dc49eca2c960b2b89962758f1cc0",
"created_at": 1733827638,
"kind": 1,
"tags": [
[
"e",
"eb4af21b7cffd5918164dabc930c02751d9b618264e7a1067d6ef78755a17131",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://mastodon.social/users/pid_eins/statuses/113628128112517982",
"activitypub"
]
],
"content": "…is almost always he better way to sandbox regular services than PrivatePIDs=. (PrivateProc= hides processes, but doesn't renumber them or introduce a new PID 1 with its special semantics. PrivatePIDs= does otoh renumbers and does synthesize a new PID 1).\n\nAnyway, this is all for today!",
"sig": "07978f5d5ec86f04c23e6b31c3b75cb0d2643f19ae76548ff7a9b336bb4a41f7237e096eaf84c90a1b9d4fe807192aa0001ca79a5c8e5e8c25306a502fcd7bff"
}
