| ▲ | okanat 3 hours ago | |
The containers are literally the "bolting on". You need to give the illusion of the software is running under a full OS but you can actually mount the system directories as read-only. | ||
| ▲ | akdev1l 3 minutes ago | parent | next [-] | |
and you still need to mount volumes and add all sorts of holes in the sandbox for applications to work correctly and/or be useful try to run gimp inside a container for example, you’ll have to give access to your ~/Pictures or whatever for it to be useful Compared to some photo editing applications on android/iOS which can work without having filesystem access by getting the file through the OS file picker | ||
| ▲ | akdev1l 5 minutes ago | parent | prev [-] | |
and you still need to mount volumes and add all sorts of holes in the sandbox for applications to work correctly and/or be useful | ||