HackerTrans
トップ新着トレンドコメント過去質問紹介求人

harporoeder

no profile record

投稿

Anthropics Buffa: a Rust implementation of protobuf

github.com
3 ポイント·投稿者 harporoeder·4 か月前·0 コメント

Personal Identification Secure Comparison and Evaluation System

en.wikipedia.org
2 ポイント·投稿者 harporoeder·4 か月前·0 コメント

Passwords and Power Drills

google.github.io
121 ポイント·投稿者 harporoeder·9 か月前·29 コメント

Offset Geometric Contact (OGC)

graphics.cs.utah.edu
17 ポイント·投稿者 harporoeder·10 か月前·3 コメント

Finra Approved Amendments for Pattern Day Trading Rules

finra.org
1 ポイント·投稿者 harporoeder·10 か月前·0 コメント

Random Mosaic – Detecting unauthorized physical access with colored rice (2021)

dys2p.com
92 ポイント·投稿者 harporoeder·10 か月前·14 コメント

Unitree G1 has mastered more quirky skills [video]

youtube.com
16 ポイント·投稿者 harporoeder·10 か月前·6 コメント

Using keepassxc-CLI as Git merge driver

200ok.ch
2 ポイント·投稿者 harporoeder·10 か月前·0 コメント

Code Verify: An open source browser extension for verifying code authenticity

engineering.fb.com
60 ポイント·投稿者 harporoeder·2 年前·28 コメント

コメント

harporoeder
·4 か月前·議論
A default container seccomp profile will let you do quite a few things but you can use a different profile some json and limit to just a few system calls if you want such as doing IO on open FDs without the ability to open them. I think the runtime opens the FDs before the child process starts and are inherited.
harporoeder
·4 か月前·議論
This is essentially what containers are. Bubblewrap / Docker / Podman. I think the primary issue is very few applications on Desktop systems are actually designed with sandboxing in mind unlike say something on a phone.
harporoeder
·8 か月前·議論
The killer application in this case is ATAK.

https://en.wikipedia.org/wiki/Android_Team_Awareness_Kit