My code editor works in a sandbox. It's difficult because Linux doesn't provide one, and you have to write it manually using shell scripts and random utilities. For example, I also had to write a limited FUSE emulation of /proc to allow the code editor to work without access to the real /proc, which contains a lot of unnecessary information.
And if it's a "professional" setting, the company could hire a part-time developer for writing the sandbox.
Good luck selling that to thousands of managers. That's my point. It's easy to list things that should be done. It's harder to get them greenlit.
Could you share those utilities with us? I've tried doing the same with AppArmor, but I ended up with endless warnings and weird bugs.