-
gVisor emulates the majority of linux syscalls in userland, providing a respectable sandbox.
gVisor provides a runtime (runsc) capable of running OCI spec containers. https://gvisor.dev/docs/user_g…
ghost updated
2 months ago
-
### Description of the problem
The tests contains 5 subset, the file is opened with O_RDWR | O_PATH flag and it is tested with 5 different syscall `write, read, fcmod, fchown, fgetxattr`
Test for …
-
https://falco.org/
Evaluate:
- Community adoption
- Chainguard/Ironbank support
- Feature parity with NeuVector
- Out of the box experience and alignment with deployment methodology (helm, conf…
-
For example:
- VirtualProtect, NtProtectVirtualMemory
- memcpy
-
With the version 5.11 of the linux kernel came a feature called [Syscall User Dispatch](https://www.kernel.org/doc/html/latest/admin-guide/syscall-user-dispatch.html).
>Syscall User Dispatch brings…
-
### What version of Go are you using (`go version`)?
$ go version
go version go1.19.4 darwin/arm64
This is on macOS 12.6.1 with an M1 chip, but the problem seems to affect [Intel as well](h…
-
Figuring out the memory footprint of each audit record as it flows through the system (gen -> netlink -> auditd -> file). This will help with understanding additional memory requirements when it comes…
-
```
This follows on from http://code.google.com/p/chromium/issues/detail?id=39292
The comments in minidump_writer.cc say:
// This code has to run in a compromised environment (the address space
// ma…
-
```
This follows on from http://code.google.com/p/chromium/issues/detail?id=39292
The comments in minidump_writer.cc say:
// This code has to run in a compromised environment (the address space
// ma…
-
```
This follows on from http://code.google.com/p/chromium/issues/detail?id=39292
The comments in minidump_writer.cc say:
// This code has to run in a compromised environment (the address space
// ma…