[May talk offer] process sandboxing three+ ways

[Cameron Kerr]

Hi all,

I've been working on some security improvements, experimenting with sandboxing techniques to improve the security for report generation. I thought it may be of interest for May's talk.

After at least a couple of days of back and forth between firejail and bubblewrap, I decided to have Claude make an experiment/demo system for me to look at firejail, bubblewrap and nsjail, which took just a few hours to iterate over for a replicable environment with a meaningful test.

As a maintenance engineer on what is essentially a monolithic server architecture, the tech will be mature and without a cloud in sight... but still quite applicable to any Linux server environment you're likely to encounter including, say, edge computing.

Interested?

Cheers,

Cameron

--
Cameron Kerr <cameron...@gmail.com>

[Worik Stanton]

That sounds very interesting!

W

--
You received this message because you are subscribed to the Google Groups "CodeCraft Dunedin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to codecraft-dune...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/codecraft-dunedin/CA%2BOO1yXrrsK%3Di%3DK8neWznxwG65fo7sSPnAUEVuNavhYNuvu3ng%40mail.gmail.com.

--

Dig it out of the ground
Melt it down
Bury it
Guard it