colin/bubblewrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make notes on sandstorm.io somewhat more accurate

Browse Source 
Sandstorm actually requires userns today; it doesn't use a setuid helper. I adjusted the text to reflect the e-mail conversation I had with @cgwalters a few months ago.
Closes: #89
Approved by: cgwalters
This commit is contained in:
Kenton Varda
2016-08-07 13:04:08 -07:00
committed by Atomic Bot
parent 133dcb7cba
commit f37abd142f
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@@ -157,10 +157,14 @@ such.
Related project comparison: Sandstorm.io Related project comparison: Sandstorm.io
---------------------------------------- ----------------------------------------
[Sandstorm.io](https://sandstorm.io/) also has a setuid helper [Sandstorm.io](https://sandstorm.io/) requries unprivileged user
process. @cgwalters believes their setuid code is fairly good, but it namespaces to set up its sandbox, though it could easily be adapted
could still make sense to unify on bubblewrap as a setuid core. That to operate in a setuid mode as well. @cgwalters believes their code is
hasn't been ruled out, but neither is it being actively pursued today. fairly good, but it could still make sense to unify on bubblewrap.
However, @kentonv (of Sandstorm) feels that while this makes sense
in principle, the switching cost outweighs the practical benefits for
now. This decision could be re-evaluated in the future, but it is not
being actively pursued today.
Related project comparison: runc/binctr Related project comparison: runc/binctr
---------------------------------------- ----------------------------------------