Symbolic links bite again! This time it's #NixOS did you know #sydbox has trace/force_no_symlinks and trace/force_no_magiclinks options to disable following symlinks/magiclinks? You can even change them at runtime to achieve #pledge like confinement: https://discourse.nixos.org/t/nix-security-advisory-privilege-escalation-via-symlink-following-during-fod-output-registration/76900 #nix #linux #security
alip
@alip@mastodon.online
Homo Ludens. I push wood, set traps, write code and poetry. # sydbox is my problem child. I live in # Berlin . I am an # Exherbo # Linux developer. I love # chess , # freesoftware , # poetry , # perl , # c , # rustlang , and # haskell . # Antifa , # Atheist , # fckafd , and # fckakp . Don't come to me with guns, come to me with roses. # Revolution will not be broadcasted on TV. # direngezi ! https:// chesswob.org https:// git.sr.ht/~alip/jja https:// sydbox.exherbolinux.org
mastodon.online
alip
@alip@mastodon.online
Homo Ludens. I push wood, set traps, write code and poetry. # sydbox is my problem child. I live in # Berlin . I am an # Exherbo # Linux developer. I love # chess , # freesoftware , # poetry , # perl , # c , # rustlang , and # haskell . # Antifa , # Atheist , # fckafd , and # fckakp . Don't come to me with guns, come to me with roses. # Revolution will not be broadcasted on TV. # direngezi ! https:// chesswob.org https:// git.sr.ht/~alip/jja https:// sydbox.exherbolinux.org
mastodon.online
@alip@mastodon.online
·
Apr 09, 2026
0
0
0
Loading comments...