:: Re: [DNG] The audacity of it all...
Pàgina inicial
Delete this message
Reply to this message
Autor: tempforever
Data:  
A: DNG
Assumpte: Re: [DNG] The audacity of it all...
Neat.  Thanks for the info.  I was actually wondering about just that
very thing (how to block a program's network access) when the audacity
topic restarted.

Mason Loring Bliss wrote:
> On Tue, Aug 24, 2021 at 06:41:59PM -0400, Mason Loring Bliss wrote:
>
>> So, whether you set it persistently or not, you start with:
>>
>>     sudo sysctl -w kernel.unprivileged_userns_clone=1

>>
>> ...and then you can run something that has no configured network:
>>
>>     $ unshare -n ping 4.2.2.1
>>     unshare: unshare failed: Operation not permitted
> Didn't follow up here. One also needs to be mapped to root inside the
> namespace:

>
>     $ unshare -r -n ping 4.2.2.1
>     connect: Network is unreachable

>
> Without that, it doesn't do much. =cough=
>
>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng