Günther Noack

> > I suggest using a simplified version of a file/dir access rules like RW, RO. In this case, we could use RODirs()...RwFiles() > > RW and RO are misleading...

> we were able to fix this by making the windows i/o buffer dynamically adjustable, as in [tilt-dev#5](https://github.com/tilt-dev/fsnotify/pull/5) I believe the reason why this is not fixed yet is because...

> I'm using Qemu for tests too, but I have a patch to enable it on User-Mode Linux, which makes testing easier. Actually it is trivial to enable it on...

...and explain how the go-landlock library can evolve if in the future Landlock supports more than filesystem restrictions.

Thank you for your request. This feature request would make the go-landlock library the place where the valid configuration values for your project's config files are defined. This set of...

@BoardzMaster if you're letting the user specify the HandledAccessFS set on their own, there is no point in specifying a Landlock version. `landlock.V1` is really only a shortcut to say...

Whoops, undid the git push for now after reading https://github.com/opencontainers/runc/pull/3194#discussion_r702268730 - let's digest this a bit more to come to an agreement. In the meantime, or if we end up...

I agree, it can do that too if necessary, or we could just expose both. I'm letting this issue bake a bit at the moment, as I don't understand the...

Remark, could have been used here: https://github.com/oxzi/gosh/blob/main/internal/hardening_linux.go#L32

Yes, this moved to line https://github.com/oxzi/gosh/blob/main/internal/hardening_linux.go#L27 Looking at this example again, I realize it's actually slightly different to the one that this bug started with. - I think in the...