Hi, Ciaran McCreesh wrote: > Sandboxing isn't about security. It's about catching mistakes.
>From Wikipedia (http://en.wikipedia.org/wiki/Sandbox_%28computer_security%29): > In computer security, a sandbox is a security mechanism for > separating running programs. It is often used to execute untested > code, or untrusted programs from unverified third-parties, > suppliers, untrusted users and untrusted websites network-sandbox is using unshare() syscalls to separate... not? But when I wrote my mail I was referring to Michal's statements in <http://thread.gmane.org/gmane.linux.gentoo.devel/91131>. He is explicitly listing "improving security"... -Thomas