10 Apr
2021
10 Apr
'21
10:55
On 4/10/21 12:10 AM, Matěj Cepl wrote:
Dne 09. 04. 21 v 23:48 Michael Ströder napsal(a):
At the moment I feel more a push-back when adding e.g. systemd sand-boxing than anything else. Just changing a technology is not a solution for anything.
Nothing again sand-boxing, it might useful for some applications, but it is much more crude and much less useful, IMHO.
IMO systemd.exec(5) SystemCallFilter= is not crude at all. For me it's a low-hanging fruit. But differences in systemd versions in Leap and Tumbleweed are an obstacle.
Ciao, Michael.