2026-05-12T08:23:44Z https://yabu.me stilic https://yabu.me/npub13v048y7apfmjn56vm4x4wnc67s7r94z2a5xe9qy29zr0g3dvfu6s56afrn https://s3.oss.zone/akkoma/3858708b98adcaecdd5a8f927091643a6402424ef5005ea17e34248495ff0bcc.jpg https://s3.oss.zone/akkoma/3858708b98adcaecdd5a8f927091643a6402424ef5005ea17e34248495ff0bcc.jpg https://yabu.me/nevent1qqszf7met9prss907ldpf03qjle90nlp0yqkl0l0yc9w0ck3w3wuk7czyz9375unm598w2wnfnw56460rt6rcvk5ftksmy5q3g5gdaz9438n2sqhjwy In reply to <a href='/nevent1qqsqxvxyca2teecued59aywysnaefvgvm6yawza0r0tddt2hr8nw7jqldwfkj'>nevent1q…wfkj</a><br/>_________________________<br/><br/>What the fuck are you on? WHAT YOU&#39;RE PROMOTING IS LITERALLY ILLEGAL.<br/><br/>I&#39;m not even queerphobic, you passing literal incest at it was fine and making shit up about me and this wiki I used is just... weird and fucked up<br/><br/>For fuck sakes, get out of fedi if you can&#39;t understand where YOU are going 2026-05-06T05:43:32Z https://yabu.me/nevent1qqsw8v4tgetn02xdr6fc9c969m0dyx5mpmpptq55uh8uyujpy8duepgzyz9375unm598w2wnfnw56460rt6rcvk5ftksmy5q3g5gdaz9438n2jegjdt In reply to <a href='/nevent1qqsvz482jszqy2g2hscnn8yysaf4mkrh3xljxvnphqu34av693zkhkqn8uxkk'>nevent1q…uxkk</a><br/>_________________________<br/><br/>I&#39;m sorry but if it&#39;s mentioned in <a href="https://lgbtqia.wiki/wiki/Harmful_Terminology#Paraphilic_Terminology">https://lgbtqia.wiki/wiki/Harmful_Terminology#Paraphilic_Terminology</a> you don&#39;t really have a say<br/>It&#39;s just Bad, period. 2026-05-06T05:18:29Z https://yabu.me/nevent1qqs8d0qheucwf3q3x8hx6z7j3x9flerwlty6lxsjghce4s4uket3zxqzyz9375unm598w2wnfnw56460rt6rcvk5ftksmy5q3g5gdaz9438n29tg95k In reply to <a href='/nevent1qqspa8v2mt4azjm4xwwt5u7tqfdpdwnv9k8sn75298utea0jzryu8asfrgkmr'>nevent1q…gkmr</a><br/>_________________________<br/><br/>y&#39;know what<br/>I&#39;m not going to argue with someone who is openly supporting incest<br/>That&#39;s it, you lost all your credibility 2026-05-06T05:06:09Z https://yabu.me/nevent1qqspa8v2mt4azjm4xwwt5u7tqfdpdwnv9k8sn75298utea0jzryu8aszyz9375unm598w2wnfnw56460rt6rcvk5ftksmy5q3g5gdaz9438n22mdrnn In reply to <a href='/nevent1qqsw6s3e60rhxyyx9msev2lmq2yg5gxsad7wq8a4m9vgql4sps86l9qzjgar6'>nevent1q…gar6</a><br/>_________________________<br/><br/>Well this is coming from a security researcher who knows a lot about Linux security issues so I think they know what they&#39;re doing unless someone proves me wrong or smth<br/><br/>Bubblewrap is pretty much able to do around 90% of the stuff systemd already does in terms of sandboxing without having to get its features reimplemented in the init system itself<br/><br/>There are use cases for sandboxing a whole bootstrap process (<a href="https://github.com/fosslinux/live-bootstrap">https://github.com/fosslinux/live-bootstrap</a>) or just building a few packages in an isolated environment (as done by a few package build systems), so I&#39;m pretty sure that is sufficient on its own along with seccomp<br/><br/>Bubblewrap has a large amount of CLI options if you have specific requirements in mind, it&#39;s very polyvalent<br/>Even ChromeOS has a tool for similar purposes (<a href="https://google.github.io/minijail/">https://google.github.io/minijail/</a>) 2026-05-06T04:48:39Z https://yabu.me/nevent1qqs0kvlnf9lzldyp0xe68fdpezry4r32ulm7vgnlu0646flvfgu3h9szyz9375unm598w2wnfnw56460rt6rcvk5ftksmy5q3g5gdaz9438n24evg2e In reply to <a href='/nevent1qqszjxaqf0f55awnpf4t6zsv0wadhjh9m3gr6js3ldagjf888rvgrrg5fp75f'>nevent1q…p75f</a><br/>_________________________<br/><br/>what do you think about the approach described in the last paragraph of this? <a href="https://madaidans-insecurities.github.io/guides/linux-hardening.html#systemd-service-sandboxing">https://madaidans-insecurities.github.io/guides/linux-hardening.html#systemd-service-sandboxing</a> <br/> <br/>i don&#39;t necessarily think it&#39;s needed to reimplement that on your own but that&#39;s how i see things on my own so i dunno tbh 2026-05-06T04:33:33Z https://yabu.me/nevent1qqsgtgxg8cyqqvwpn4w79dgvswtd6ld83fppcyl0lf7feh9y364u75qzyz9375unm598w2wnfnw56460rt6rcvk5ftksmy5q3g5gdaz9438n2vlyzm6 In reply to <a href='/nevent1qqswf6a6xy0um5ycvnrevs6jjpg29qvlw398v35v752kyvctw09uz7c686exu'>nevent1q…6exu</a><br/>_________________________<br/><br/>AFAIK GrapheneOS or even AOSP without custom patches is still hundred times more secure than most Linux desktop distros<br/>There&#39;s a reason GOS in particular is used by criminals 2026-04-10T19:36:35Z