The user.max_user_namespaces sysctl itself is namespace aware and is used by bubblewrap's --disable-userns option. But a prctl like NO_NEW_PRIVS would be better, since it could avoid an intermediary namespace that is…
You could try to use the Win32 debug API in the same way like Linux UML by using ptrace. But it would probably still be much slower because of missing things like PTRACE_SYSCALL. More performant would be a noMMU variant…
With the upcoming Android 16 Terminal VM powered by the Android Virtualisation Framework (AVF), it should also be possible to run Docker in an Aarch64 Debian VM similar to WSL2 or ChromeOS crostini. However, this may…
In the EU, this will be the case from next year on (2025-06-20). No monthly security patch frequency requirement, but instead "security updates [...] need to be available to the user at the latest 4 months after the…
"from the date of end of placement on the market to at least 5 years after that date" IANAL but my interpretation of rule is: if you buy from a first-party seller, you should receive an update for at least five years,…
Aside from the physical repair requirements, part of the same legislation also covers operating system updates for *smartphones* (see Annex II (EU) 2023/1670). From 20 June 2025, de jure all smartphones sold in the EU…
The user.max_user_namespaces sysctl itself is namespace aware and is used by bubblewrap's --disable-userns option. But a prctl like NO_NEW_PRIVS would be better, since it could avoid an intermediary namespace that is…
You could try to use the Win32 debug API in the same way like Linux UML by using ptrace. But it would probably still be much slower because of missing things like PTRACE_SYSCALL. More performant would be a noMMU variant…
With the upcoming Android 16 Terminal VM powered by the Android Virtualisation Framework (AVF), it should also be possible to run Docker in an Aarch64 Debian VM similar to WSL2 or ChromeOS crostini. However, this may…
In the EU, this will be the case from next year on (2025-06-20). No monthly security patch frequency requirement, but instead "security updates [...] need to be available to the user at the latest 4 months after the…
"from the date of end of placement on the market to at least 5 years after that date" IANAL but my interpretation of rule is: if you buy from a first-party seller, you should receive an update for at least five years,…
Aside from the physical repair requirements, part of the same legislation also covers operating system updates for *smartphones* (see Annex II (EU) 2023/1670). From 20 June 2025, de jure all smartphones sold in the EU…