Cats, flowers and bubble wrap; does it get any better? #CaturdayEveryday #Caturday #CatsOfMastodon #BubbleWrap
#BubbleWrap
Sometimes devil is in the details. #POSIX requires option parsing to terminate when the initial non-option argument is encountered. This is different than the #GNU style which continues parsing arguments until an explicit "--" is encountered. The latter has been susceptible to command line injection attacks. One recent example is in #bubblewrap & #flatpak combo with CVE-2024-32462. Otoh, #sydbox and all its utilities use posixly correct option parsing: https://nvd.nist.gov/vuln/detail/cve-2024-32462 #linux #security
Good to know.
#Bubblewrap creates isolated environments using #Linux kernel namespaces. It achieves this by creating a new, completely empty mount namespace where the root is mounted on a tmpfs. When installed, Bubblewrap provides a bwrap CLI tool that can be used to wrap any command (with caveats). Of special interest are coding agents like #OpenCode, Claude Code etc.
Bubblewrap: A nimble way to prevent agents from accessing your .env files
#HackerNews #Bubblewrap #nimble #prevent #agents #env #files #coding #secrets #security
Dự án 'Popcalypse' ra mắt game bóp bong bóng chống sốc trực tuyến, đa người chơi. Mỗi bong bóng được đồng bộ: bóp một cái, nó biến mất với tất cả. Hết là hết mãi mãi! Có cả tấm riêng cho bạn.
#Popcalypse #Game #BubbleWrap #SideProject #TròChơi #BongBóng
https://www.reddit.com/r/SideProject/comments/1q0io6j/a_million_bubble_countdown_to_the_popcalypse/
what i want to eventually see is a GUI program similar to #bottles, but for managing (#flatpak / #bubblewrap) -based sandboxes on #linux
let's say i have some proprietary program or game i don't entirely trust, or that depends on libraries not supplied in my distro
i want to be able to create a sort of container for it, pick one of the Freedesktop runtimes as the basis (maybe with some extras, like the GNOME or KDE libraries added), set which directories and interfaces the programs inside the container have access to, then just be able to copy files and run executables inside it
CI/CD Week Day 2! Security is key! Running directly on the host (bareMetal) is fast, but system admins need control over what processes run.
Enter Executor 2: bwrap (bubblewrap). This creates a very light container/sandbox, similar to what Flatpak uses!
You get the same execution capability (e.g., running `echo "hello" > README.md`), but in a confined, isolated way. It's the best of both worlds: speed and security!
Ready for the executor that lets you run any process? Follow me for tomorrow's reveal! 🐳
#CICD #DevOps #Bubblewrap #Security #Containers
💥 Bubble wrap bursts enable power-free acoustic testing
https://techxplore.com/news/2025-10-enable-power-free-acoustic.html
🧱 First real sandboxing arrives on #NetBSD!
A GSoC 2025 project brings Linux-style namespaces (UTS + mount) to the kernel, paving the way for real isolation.
https://blog.netbsd.org/tnf/entry/gsoc2025_bubblewrap_sandboxing
#Bubblewrap #BSD #Security
A GSoC 2025 project brings Linux-style namespaces (UTS + mount) to the kernel, paving the way for real isolation.
https://blog.netbsd.org/tnf/entry/gsoc2025_bubblewrap_sandboxing
#Bubblewrap #BSD #Security
🍾🤡 #Bubblewrap, the high-tech innovation to #NetBSD, because who needs robust security when you can just pop your way to safety? 🎈✨ Welcome to the future of sandboxing: as strong as the packaging your last Amazon delivery came in. 🚀🛍️
https://blog.netbsd.org/tnf/entry/gsoc2025_bubblewrap_sandboxing #TechInnovation #Sandboxing #SecurityFail #FutureOfTech #HackerNews #ngated
Using bubblewrap to add sandboxing to NetBSD
https://blog.netbsd.org/tnf/entry/gsoc2025_bubblewrap_sandboxing
#HackerNews #bubblewrap #NetBSD #sandboxing #GSoC2025 #security #technology
September patreon rewards going out today! I meant to do a sneak peek of the zine I made several days ago, but the time really got away from me. As usual, this zine will be available on my ko-fi soon. Patron work just comes first!
In addition to the mini zine Human Rights Are Not an Opinion, patrons get bubble wrap prints to use as their own zine fodder or whatever they please. Digital tier members get to download everything as PNGs for $2 a month, and physical tier members get hard copies for $8 a month.
Image description: Five photos of zines and prints on a wood table. The mini zine features lots of the color red and the cover's background includes lava. The writing is done in sharpie. The title is human rights are not an opinion. The inside spread says my life is not your debate. The prints are done with various colors of ink on bubble wrap which is then pressed onto the paper. The final photo is of the backs of the sealed and decorated envelopes. Witchy washi tape and cute stickers.
#zine #zines #snailmail #zineclub #patreonrewards #humanrights #bubblewrap #diy #stamping
In addition to the mini zine Human Rights Are Not an Opinion, patrons get bubble wrap prints to use as their own zine fodder or whatever they please. Digital tier members get to download everything as PNGs for $2 a month, and physical tier members get hard copies for $8 a month.
Image description: Five photos of zines and prints on a wood table. The mini zine features lots of the color red and the cover's background includes lava. The writing is done in sharpie. The title is human rights are not an opinion. The inside spread says my life is not your debate. The prints are done with various colors of ink on bubble wrap which is then pressed onto the paper. The final photo is of the backs of the sealed and decorated envelopes. Witchy washi tape and cute stickers.
#zine #zines #snailmail #zineclub #patreonrewards #humanrights #bubblewrap #diy #stamping
@Imperor flatpak uses bubblewrap for sandboxing, unless I am mistaken, then flatseal configures those bubblewrap permissions. So, you could start your programs with it too. Another way would be AppArmor. Or, if you want something to keep your base system clean (this does not bring any security advantages) you could use distrobox.
#linux #sandboxing #security #bubblewrap #apparmor #gnulinux #flatpak
I spent two hours yesterday debugging why my program which uses #bubblewrap and #overlayfs suddenly stopped working yesterday. Turns out, it was a kernel update and just needed a reboot...!
A worthwhile project to harden your #NixOS even more by sandboxing applications via #bubblewrap: jail.nix.
(I was using NixPak before which is also nice, but I find jail.nix to be of a nicer design, more flexible and minimalist at the same time).
It is somewhat minimal and strict at the moment (for instance, It doesn't yet automatically forward the '*.desktop' files from the jailed apps), but perhaps that's one of the reasons I like it: it's fairly clear where things come from.
Bello Bear Bit 15 Bubble Wall Paper - Watch & Follow on YouTube https://youtube.com/shorts/l5D46a9ELl4?feature=share
Bello Bear Bit 15 Bubble Wall Paper - Watch & Follow on YouTube https://youtube.com/shorts/l5D46a9ELl4?feature=share
Packing for coming FuelNoises shows! (part 1)
when u would need flight cases but you prefer to pay ppl decently instead of buying stuff...
#box #gaffa #bubblewrap #fluffy #bricolage
Why Avoid Binaries in Early-Stage Projects?
Auditability: Source code is readable, understandable, and can be version-controlled. Binaries (especially opaque ones) may include unknown payloads, telemetry, or hardcoded calls. #bubblewrap #firejail
Noch einer für die #Fedieltern
Das #Planschbecken heizt sich innerhalb 1-2 Stunde in der Sonne auf mit der Hilfe von etwas #bubblewrap 👍🏼
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst