Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You can use linux namespaces or a tool like bubblewrap to sandbox the process which makes it reasonably secure. However if you're running a GUI app that rendres to an X11 server all your security gains go out the window.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: