madaidan
madaidan
Maybe it would be a good idea to make the `--unshare-user-try` flag check if `hidepid=1` or `hidepid=2` is in use as a work around for this so things that use...
It is very rough but I don't know how else to detect the flags.
I cannot reproduce this.
I've just gotten these errors: ``` AVC apparmor="DENIED" operation="signal" profile="spice-vdagentd" comm="systemd" requested_mask="receive" denied_mask="receive" signal=term peer="init-systemd" AVC apparmor="DENIED" operation="signal" profile="spice-vdagentd" comm="systemd" requested_mask="receive" denied_mask="receive" signal=kill peer="init-systemd" AVC apparmor="DENIED" operation="signal" profile="spice-vdagent" comm="systemd" requested_mask="receive"...
Don't worry, asking questions isn't annoying at all. > It looks like applications are run as the sandbox user via sudo -u ${app_user}. Does this mean that the main user...
It's on a hiatus for now. I've been too busy with other projects like Whonix.
> do you think there is a bit too much fragmentation? I don't think so. Most projects I've seen have different goals/methods. For example, I've yet to find another hardened,...
Tails only supports Tor.
That's what Obscurix is.
> The reason we don't have more alternatives is that there is no kernel support for doing such things unprivileged. Once that shows up we can do better. Why does...