The latter is actually piping the output of a subshell into stdin, although it is the same construct as other FDs. From some digging, the correct forms are either<code>exec 3<> /path/to/file<br>bwrap --seccomp 3 ...<br></code>
or <code>bwrap --seccomp 3 ... 3</path/to/file<br></code>
depending on if you want the fd to be read/write or read-only.
And /proc/$pid/fd/ is one and the same with the integer file descriptors, it's just a way to see which process has what files open, and optionally to access them "out of band" (which is occasionally useful, since you can retrieve open-but-deleted files that way)
Emelia/Emi
npub18a…7pj7v
2025-03-05 05:52:23 UTC
in reply to nevent1q…g289
Author Public Key
npub18awg073vadjxw7vst9v3dduvxjulc7x7jjyskvqkjfa99xn28zdqj7pj7vSeen on
wss://relay.momostr.pinkPublished at
2025-03-05 05:52:23 UTCEvent JSON
{
"id": "2c407920680f8a05ce7be4da46a2f7623f228d394e9e85a43f0fefe74d50a5aa",
"pubkey": "3f5c87fa2ceb64677990595916b78c34b9fc78de94890b3016927a529a6a389a",
"created_at": 1741153943,
"kind": 1,
"tags": [
[
"p",
"4014f060ca2d2c1ededbca93ba6100f82d96b0bcadba56a82f0ecc9ab1d468c0"
],
[
"p",
"8ab44a84fb757fea3c983e68a9bcc8e331fa49ed99cfcfd06a4499d542eae93c"
],
[
"e",
"d5182c33d013400a170a6dda35568d1fa8b03977e46767de9c5d536833496b12",
"",
"reply",
"8ab44a84fb757fea3c983e68a9bcc8e331fa49ed99cfcfd06a4499d542eae93c"
],
[
"e",
"65c2ab932b24ad388ebc7853cf37645c462438cf8289ff33bb25d7198323509f",
"",
"root",
"4014f060ca2d2c1ededbca93ba6100f82d96b0bcadba56a82f0ecc9ab1d468c0"
],
[
"p",
"3f5c87fa2ceb64677990595916b78c34b9fc78de94890b3016927a529a6a389a"
],
[
"proxy",
"https://tech.lgbt/@becomethewaifu/114108264842807417",
"web"
],
[
"proxy",
"https://tech.lgbt/users/becomethewaifu/statuses/114108264842807417",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://tech.lgbt/users/becomethewaifu/statuses/114108264842807417",
"pink.momostr"
],
[
"-"
]
],
"content": "The latter is actually piping the output of a subshell into stdin, although it is the same construct as other FDs. From some digging, the correct forms are either\u003ccode\u003eexec 3\u0026lt;\u0026gt; /path/to/file\u003cbr\u003ebwrap --seccomp 3 ...\u003cbr\u003e\u003c/code\u003e\n\nor \u003ccode\u003ebwrap --seccomp 3 ... 3\u0026lt;/path/to/file\u003cbr\u003e\u003c/code\u003e\n\ndepending on if you want the fd to be read/write or read-only.\n\nAnd /proc/$pid/fd/ is one and the same with the integer file descriptors, it's just a way to see which process has what files open, and optionally to access them \"out of band\" (which is occasionally useful, since you can retrieve open-but-deleted files that way)",
"sig": "fe884c1418e080308a91ee392f72a4dc7129b6c287959c4e04d4fc7d654f7518cf8caf13f3eb51ac9d263f6075131ff4f0553f0c16e1989c37170f813807483e"
}