Misinformation campaigns increasingly target the cavity-fighting mineral, prompting communities to reverse mandates. Dentists are enraged. Parents are caught in the middle....
Made a Nix library for this. For a simple setup you can just build this (untested) and run the result:
<span style="color:#323232;">import ./encase.nix {
</span><span style="color:#323232;"> name = "firefox";
</span><span style="color:#323232;"> rw.home.nathan = /home/nathan/home-for/firefox;
</span><span style="color:#323232;"> # other dependencies it might need...
</span><span style="color:#323232;"> tmp = /tmp; # fresh tmpfs for this sandbox
</span><span style="color:#323232;"> network = true;
</span><span style="color:#323232;"> command = pkgs.firefox;
</span><span style="color:#323232;">}
</span>
It doesn’t have user isolation yet, so if it escapes the browser and the chroot (which doesn’t have a /proc unless you set proc = /proc;, and runs in a PID namespace either way) your files are still at risk. However, this is still pretty secure, and you can run the script itself as a different user (it creates a new UID namespace so chrooting can be done without root).
Microsoft is trying to restore Bing as the default search engine on users’ browsers by spinning it as a “repair” through a utility app called PC Manager....
I’ll note that 2.5°C of warming by 2100 is a significant improvement over the trajectory we were on a decade ago, even if still far from where we need to be
Medical freedom vs. public health: Should fluoride be in our drinking water? (www.nbcnews.com)
Misinformation campaigns increasingly target the cavity-fighting mineral, prompting communities to reverse mandates. Dentists are enraged. Parents are caught in the middle....
you don't need more 4GB of RAM (lemmy.dbzer0.com)
"LiNuX uSeR iNsTaLlInG A BrOwSeR haha" meanwhile : (lemmy.world)
Terminal > Windows Registry.
Old XKCD, still relevant (lemmy.dbzer0.com)
Was trying to extract a totally legit copy of Skate 3 I downloaded today to play on my Steam Deck
pick your side (mander.xyz)
science is blue.
And then you get hooked on it and start using it for real (sh.itjust.works)
Living (mander.xyz)
someone tell them (lemmy.world)
In some cultures, that is considered an honor Samantha! (sh.itjust.works)
Not a Coincidence (lemm.ee)
OneDrive disguising the "Buy now" button using the Cancel color scheme (programming.dev)
Microsoft PC Manager App 'Repairs' Your System by Making Bing the Search Default (uk.pcmag.com)
Microsoft is trying to restore Bing as the default search engine on users’ browsers by spinning it as a “repair” through a utility app called PC Manager....
Two chemists walk into a bar (sh.itjust.works)
Planet is headed for at least 2.5C of heating with disastrous results for humanity, poll of hundreds of scientists finds | Planet is headed for at least 2.5C of heating with disastrous results (www.theguardian.com)
I’ll note that 2.5°C of warming by 2100 is a significant improvement over the trajectory we were on a decade ago, even if still far from where we need to be
It is so convenient and free. (discuss.tchncs.de)
The power of AI (lemmy.world)
lemmings.world/comment/8313173
Who needs icons anyways? (programming.dev)
Didn't need to use my laptop anyway. (lemmy.world)
The switch-case starts on line 83. (programming.dev)
Well then... I guess that leaves me no choice? (lemmy.world)
Context: A local movie app have this warning to me as I have this domain blocked with NextDNS 👌
Fine, I'll join the bandwagon (programming.dev)
A picture of a plane taxiing, captioned with “Taylor Swift on her way to the airport”.
time to touch the disabled (programming.dev)