Comment by ATechGuy
7 days ago
> As long as there is a full OS running, you are one libc function away from a sandbox escape.
Does this mean, all software in the world is just one function away from escape?
7 days ago
> As long as there is a full OS running, you are one libc function away from a sandbox escape.
Does this mean, all software in the world is just one function away from escape?
Yup. Technically, just one external reference outside of the sandbox environment from within the sandbox environment ("software stargate portal address to alternate environment" / one evaluated part of the s-expression using a system() reference).
Running software is insecure the moment the electrical switch is on / start checking out shrodingers box. Although, reverse shrodingers cat might be more accurate. aka can escape the box if someone peaks from outside the box.