← Back to context

Comment by reactordev

1 month ago

Careful, you’re talking to developers now. Chmod is for wizards, Harry. One wouldn’t dream of disturbing the Linux gods with my own chmod magic. /s

Yes, this is indeed the answer. Create a fake root. Create a user. Chmod and chgrp to restrict it to that fake root. ln /bin if you need to. Let it run wild in its own crib.

2 comments

reactordev

Reply
seba_dos1  1 month ago

Though why bother if you can just put it into a namespace? Containers can be much simpler than what all this Docker and Kubernetes shit around suggests.

  • reactordev  1 month ago

    I agree. It’s just what the developer knows. Fine. Use whatever you know at your disposal to sandbox it. The ends justify the means.