-
RFC Link: https://github.com/opensearch-project/OpenSearch/issues/11061
## High Level Approach
### Tracked System Resources per Sandbox
We are going to track the following resources per sandb…
-
Sandboxing is a more and more popular technique that shall prevent some attacks from untrusted applications, or applications which operate on data from non-trustworthy sources (read: things downloaded…
-
Just out of curiosity. What hurdles prevent support for sailjail? The shared key/location? The different app data directories? Thx.
-
This is coming from #1583. Here's the idea: you should be able to designate some users as "sandboxed". A sandboxed user can only join a whitelisted set of channels (e.g., "#help", "#appeals"). They ca…
-
goal: provide easy way to test an untrusted program
## chroot
[How to use a chroot-jail for software development - Gernot.Klingler](https://gernotklingler.com/blog/use-chroot-jail-software-develop…
-
_From @beefsack on April 14, 2015 13:13_
Currently a bug in a game can kill the server, either eating all the resources or crashing completely.
Having a rescue function and possibly a timed cancel c…
-
Since WeServer is trusted with a lot of access to data on macOS, is there a way to sandbox it to just the absolutely-necessary privileges?
For example: I notice that we're recommended to give it [f…
-
Not sure if it's possible because of Flatpak's sandboxing nature, but can you look into doing a version in Flatpak? You will be able to support all major distros with
Also because Alpine Linux does not …
-
I'm using iMedia in an app and I want to/have to activate Application Sandboxing for my app.
When activating the Pictures Folder Access and the User Selected File Assets entitlements (those were the o…
-
Most sections in the Best Practices/Security guide feature a handy information box when the recommendation is the default behavior.
This seems to be missing from _4. Enable process sandboxing_
…