| ▲ | superb_dev 5 days ago | |
Why do they disable io_uring? | ||
| ▲ | alpb 4 days ago | parent | next [-] | |
Security reasons. https://news.ycombinator.com/item?id=44632240 There are also other edge cases around cgroups accounting that renders some isolation/throttling mechanisms not fully effective. | ||
| ▲ | arianvanp 5 days ago | parent | prev [-] | |
Sandboxing like gvisor is based on syscalls and iouring makes your code syscallless | ||