-
**Description**
A discrepancy with Linux was found while improving a PacketImpact test for UDP socket send and receive.
On Linux, UDP sockets do not receive traffic from the IPv4 all systems mu…
-
After creating the cluster, I see that `kube-dns` and `kubernetes-dashboard` are still in `ContainerCreating` state.
```
[kubernetes@kata-gvisor-bastion01 ~]$ kubectl get pods --all-namespaces
N…
-
**Description**
We have code to drop ambient capabilities that looks like this:
```c
prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0);
prctl(PR_SET_SECUREBITS, SECBIT_KEEP_CAPS_LOCKED | …
-
This fork is a little behind upstream, and in particular is missing https://github.com/nshalman/wireguard-go/commit/42ec952eadc297efadc70b9911d5a59bcd2db4a6 which will hopefully fix the build against …
-
Hello I'm triying to compile (Macos Ventura M2 chip)
I have this error
imports gvisor.dev/gvisor/pkg/gohacks: build constraints exclude all Go files in /Users/sergi/go/pkg/mod/gvisor.dev/gvisor…
-
在 macOS 环境下,我尝试使用 pcap2socks 将流量通过 v2rayU VPN 客户端代理,但 PS5 无法连接到服务器。我的设置如下:
游戏主机地址:192.168.0.103
SOCKS 代理地址:127.0.0.1:1080
启动命令:
sudo pcap2socks --source 192.168.0.103 --destination 127.0.0.1:1…
-
### Description
> mountpoint_s3::fuse: open failed: inode error: inode 3 (full key "synmon/test_file.txt") is not writable while being read
The issue is that gVisor's gofer client …
-
### Description
I'm not sure if it's WAI, is it possible to do runsc run in rootless with sandbox network mode?
Based on my understanding, sandbox network mode is securer but root mode is less sec…
-
Parent issue: https://github.com/freedomofpress/dangerzone/issues/221
# Security Concern
One aspect of the sanitization that Dangerzone has not targeted yet is avoid leaving traces of the conver…
-
### Description
The maximum stack size (set with `ulimit -s`) currently appears to be [limited to 128 MB](https://github.com/google/gvisor/blob/01142fe5992a57fce4ac748598337f4a27d1313b/pkg/sentry/m…