- 4 Posts
- 45 Comments
With root permission you can do chroot.Edit, I did some digging and found that its not the normal files that they can access but can modify kernel parameters and can mount devices and access their files etc. If you want to learn more check https://stackoverflow.com/questions/36425230/privileged-containers-and-capabilities
- What is the benefit of creating users for every service? Wouldn’t one be sufficient?
- Also just out of curiosity, why not in sodo’ers list?
One of the main advantage of podman is that, it respects the firewall rules. Docker don’t do that. Also having rootless podman means if somehow the container went rogue, it cannot have access to your root directory and perform malicious actions.
Also podman is a drop in replacement for docker. It does not need much configurations to setup. If you need compose, you might need to install podman-compose as well.
I envy you so much
Or a base64 encoded string
Appreciated.
On a serious note, how hard is rust if I know python?
1·2 months agoI have looked into how the firewall gets bypassed. To my knowledge they seems to be applying a method called firewall punch through in which the clients establish connection with each other using an external rendezvous server.
Warp uses magic-wormhole.io and my android client uses the same domain for its Rendezvous and Transit servers. I am still learning about what they really are.
So I think the mentioned URLs might be closed source, I don’t know. But the default ones that warp use is this magic-wormhole.io (relay and transit) seems to be open source ones.
Yeah totally. Here https://lemmy.world/comment/14783333
Is it safe though?
Hey wormhole is closed source? Wow I didn’t knew that.
Actually this is what they do.
Try llamafile from Mozilla.
Yes, you can easily do that. Set the container name and make them on the same network. Used caddy and whole bunch of Selfhostable services with it and I reverse proxy as
container_name:port
No its on 4.x I think.
Podman actually run fine on Debian 12. Though the packaged version is a bit old. Does not support podman compose command. Though podman-compose works.
Docker Swarm