> Also not sure if it can be dynamically set by a parent process for a child? Ye... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		slonopotamus on Sept 26, 2023 \| parent \| context \| favorite \| on: macOS Containers v0.0.1 > Also not sure if it can be dynamically set by a parent process for a child? Yes, it can. See sandbox-exec tool. And I actually plan to use it: https://github.com/macOScontainers/rund/issues/15

lloeki on Sept 26, 2023 [–]

Oh my I totally forgot about sandbox-exec!

I played with it some time ago, can't recall the context but it was about build systems / packaging (maybe nix?), doing the configure/make/make install with reduced privileges.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact