[#]linux #systemd allows for executing services with reduced #capabilities and #permissions for #security. Has everyone ever investigated what the cost is, in terms of performance and such, when these protections are maximized within the needs of these services.
I know that, for example, user-namespaces have their own drawbacks but need to be available for some protections to be possible.
Is it all worth the cost?
Is there any insight on any of this?
=> More informations about this toot | View the thread | More toots from cobratbq@mastodon.social
=> View linux tag | View systemd tag | View capabilities tag | View permissions tag | View security tag This content has been proxied by September (ba2dc).Proxy Information
text/gemini