Published on: 2025-06-11 16:46:50
When launching privacy-critical apps and services, developers want to make sure that every packet really only goes through Tor. One mistyped proxy setting–or a single system-call outside the SOCKS wrapper–and your data is suddenly on the line. That's why today, we are excited to introduce oniux: a small command-line utility providing Tor network isolation for third-party applications using Linux namespaces. Built on Arti, and onionmasq, oniux drop-ships any Linux program into its own network na
Keywords: application namespaces network oniux tor
Find related items on AmazonPublished on: 2025-06-13 02:14:44
We are excited to introduce Namespaces to the OpenBao Secret Manager – a powerful feature designed to bring robust multi-tenancy and fine-grained isolation to your secrets management workflows. Namespaces in OpenBao are logical partitions within a single OpenBao instance, functioning as isolated environments where teams, organizations, or applications can operate independently. Each namespace acts like a mini-OpenBao, with its own policies, authentication methods, secret engines, tokens, and i
Keywords: namespace namespaces openbao tenant tenants
Find related items on AmazonPublished on: 2025-06-13 22:14:44
We are excited to introduce Namespaces to the OpenBao Secret Manager – a powerful feature designed to bring robust multi-tenancy and fine-grained isolation to your secrets management workflows. Namespaces in OpenBao are logical partitions within a single OpenBao instance, functioning as isolated environments where teams, organizations, or applications can operate independently. Each namespace acts like a mini-OpenBao, with its own policies, authentication methods, secret engines, tokens, and i
Keywords: namespace namespaces openbao tenant tenants
Find related items on AmazonPublished on: 2025-06-22 09:39:09
A generic C-powered & Lua-driven container runtime. Many container runtimes out there focus on specific containerization technologies such as Linux namespaces, but Emilua acts as a generic container runtime that supports different kernel technologies : Linux namespaces. FreeBSD jails. Many container runtimes (e.g. bubblewrap, nsjail) are CLI-driven and give little room for flexibility. The standard tool to automate CLI usage is BASH. However BASH cannot be used to restore flexibility here (it
Keywords: bash container emilua namespaces setup
Find related items on AmazonPublished on: 2025-07-08 04:20:06
Tor has announced Oniux, a new command-line tool for routing any Linux application securely through the Tor network for anonymized network connections. Unlike classic methods like torsocks, which rely on user-space tricks, Oniux uses Linux namespaces to create a fully isolated network environment for each application, preventing data leaks even if the app is malicious or misconfigured. Linux namespaces are a kernel feature that allows processes to run in isolated environments, each with its ow
Keywords: linux namespaces network oniux tor
Find related items on AmazonPublished on: 2025-07-15 07:39:34
Description This replaces #19744 This proposes a new feature to define virtual top-level namespaces in Ruby. Those namespaces can require/load libraries (either .rb or native extension) separately from other namespaces. Dependencies of required/loaded libraries are also required/loaded in the namespace. This feature will be disabled by default at first, and will be enabled by an env variable RUBY_NAMESPACE=1 as an experimental feature. (It could be enabled by default in the future possibly.)
Keywords: app namespace namespaces port ruby
Find related items on AmazonPublished on: 2025-09-21 15:07:44
oss-sec mailing list archives Three bypasses of Ubuntu's unprivileged user namespace restrictions Qualys Security Advisory Three bypasses of Ubuntu's unprivileged user namespace restrictions ======================================================================== Contents ======================================================================== Summary Bypass via aa-exec Bypass via busybox Bypass via LD_PRELOAD Acknowledgments Timeline (advisory sent to the Ubuntu Security Team on January 15, 2
Keywords: namespace namespaces ubuntu unprivileged user
Find related items on AmazonPublished on: 2025-09-23 04:14:34
Three security bypasses have been discovered in Ubuntu Linux’s unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components. The issues allow local unprivileged users to create user namespaces with full administrative capabilities and impact Ubuntu versions 23.10, where unprivileged user namespaces restrictions are enabled, and 24.04 which has them active by default. Linux user namespaces allow users to act as root inside an i
Keywords: namespace qualys restrictions ubuntu user
Find related items on AmazonPublished on: 2025-09-26 19:35:46
Why build a new low-level container runtime? The idea of separating the low-level container runtime concerns into its own tool or microservice is not new. Outside of the Kubernetes CRI, which presents container lifecycle management as a pluggable microservice, there are simpler tools which provide a low-level container runtime as well, such as the unshare utility in util-linux, as well as another tool called Bubblewrap. But these tools are either too high-level (like the Kubernetes CRI), or th
Keywords: container linux namespace namespaces styrolite
Find related items on AmazonPublished on: 2025-10-23 01:03:51
C++/WinRT pull request 1225 fixed a problem with a call to invoke . What’s the problem, why did it show up all of a sudden, and what can you do if you are stuck on an older version of C++/WinRT? The problem is at the point in winrt:: impl:: promise_base ::set_completed makes an unqualified call to invoke() : namespace winrt::impl { ⟦ ... ⟧ template <typename Delegate, typename... Arg> bool invoke(Delegate const& delegate, Arg const&... args) noexcept; ⟦ ... ⟧ template <typename Derived, typena
Keywords: handler invoke namespace std winrt
Find related items on AmazonGo K’awiil is a project by nerdhub.co that curates technology news from a variety of trusted sources. We built this site because, although news aggregation is incredibly useful, many platforms are cluttered with intrusive ads and heavy JavaScript that can make mobile browsing a hassle. By hand-selecting our favorite tech news outlets, we’ve created a cleaner, more mobile-friendly experience.
Your privacy is important to us. Go K’awiil does not use analytics tools such as Facebook Pixel or Google Analytics. The only tracking occurs through affiliate links to amazon.com, which are tagged with our Amazon affiliate code, helping us earn a small commission.
We are not currently offering ad space. However, if you’re interested in advertising with us, please get in touch at [email protected] and we’ll be happy to review your submission.