@jannic if you want to convince me, check out https://gitlab.exherbo.org/sydbox/sydbox and try to compile syd-oci statically. You need to pass --features oci to cargo build. This does not work because #youki uses proc-macros, unlike #sydbox core code which is free of proc-macros.
Not by runc alone: interesting container runtimes

There are many runtimes for launching containers; among the common ones are runc and kata. At Beeline Cloud we decided to talk not only about the widely known ones, but also about those gaining...

https://habr.com/ru/companies/beeline_cloud/articles/979010/

#beeline_cloud #контейнеризация (containerization) #youki #urunc #ocre #quark #kuasar #incus

All three breakouts feature procfs writes. #sydbox has hardened procfs and devfs, https://man.exherbo.org/syd.7.html#Hardened_procfs_and_devfs
which prevents such breaks. However wrt. syd-oci, the vulnerable code is within the container init done by #youki.

Symlinks strike again! This time with 3 #container breakouts in #runc. Other runtimes including #youki and #crun are also affected. #sydbox' syd-oci is also affected which is based on #youki. Expect updates soon: https://www.openwall.com/lists/oss-security/2025/11/05/3 #exherbo #linux #security #podman
oss-security - runc container breakouts via procfs writes: CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881
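The two posts above describe the same class of bug: a runtime writes to what it believes is a procfs path, and a symlink (or something else planted where the runtime looks) redirects the write. The page does not spell out the mechanics of the three CVEs, so the following is an added example of the generic defence, not sydbox, youki or runc code. It assumes Linux: open with O_NOFOLLOW so a symlink in the final component is refused with ELOOP, then fstatfs the descriptor you actually got and require PROC_SUPER_MAGIC before using it. The function names, the temp-directory inputs and the "probe" classifier are constructed for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// PROC_SUPER_MAGIC, the f_type that fstatfs(2) reports for procfs (see statfs(2)).
const procSuperMagic = 0x9fa0

var errNotProcfs = errors.New("not on procfs")

// openProcfsFile opens path with O_NOFOLLOW and then checks, on the fd it
// actually obtained, that the file lives on procfs. Checking after the open
// (rather than stat-then-open) closes the race window; refusing a symlink as
// the last component stops a planted link from redirecting the write.
// Example code, not any runtime's own implementation.
func openProcfsFile(path string, flags int) (*os.File, error) {
	fd, err := syscall.Open(path, flags|syscall.O_NOFOLLOW|syscall.O_CLOEXEC, 0)
	if err != nil {
		// A symlink in the final component fails here with ELOOP.
		return nil, fmt.Errorf("open %s: %w", path, err)
	}
	var st syscall.Statfs_t
	if err := syscall.Fstatfs(fd, &st); err != nil {
		syscall.Close(fd)
		return nil, fmt.Errorf("fstatfs %s: %w", path, err)
	}
	if st.Type != procSuperMagic {
		syscall.Close(fd)
		return nil, fmt.Errorf("%s: %w (f_type %#x)", path, errNotProcfs, st.Type)
	}
	return os.NewFile(uintptr(fd), path), nil
}

// probe classifies how openProcfsFile treats path (used by the demo and tests):
// "ok", "symlink" (refused with ELOOP), "not-procfs", or "error".
func probe(path string) string {
	f, err := openProcfsFile(path, syscall.O_RDONLY)
	switch {
	case err == nil:
		f.Close()
		return "ok"
	case errors.Is(err, syscall.ELOOP):
		return "symlink"
	case errors.Is(err, errNotProcfs):
		return "not-procfs"
	default:
		return "error"
	}
}

func main() {
	dir, err := os.MkdirTemp("", "procfs-check")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	// Constructed inputs: a symlink pointing at a genuine procfs file (what an
	// attacker would plant) and a plain file that is not on procfs at all.
	link := filepath.Join(dir, "status")
	if err := os.Symlink("/proc/self/status", link); err != nil {
		panic(err)
	}
	plain := filepath.Join(dir, "plain")
	if err := os.WriteFile(plain, []byte("x\n"), 0o600); err != nil {
		panic(err)
	}

	for _, p := range []string{"/proc/self/status", link, plain} {
		fmt.Printf("%-40s %s\n", p, probe(p))
	}
}
```

One caveat a practitioner will want: the magic check only establishes "this is procfs", not "this is the procfs file I meant". If the redirect target can itself be inside procfs, also compare the kernel's own view of the open descriptor, readlink of /proc/self/fd/N, against the path you intended before writing.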

Announcing #sydbox 3.20.0 which includes Crypt Sandboxing for transparent #AES-CTR file #encryption and Ghost Mode for enhanced confinement like #Seccomp Level 1. Fixes include proper read-write open sandboxing and #youki updates which fix #podman exec for syd-oci. New utilities: syd-key for AES-CTR keygen, syd-cp for efficient file copying, and syd-aes for {en,de}cryption. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/2tczYu
With version 3.18.0 released today, #sydbox joins the family of #OCI container runtimes! The new syd-oci utility is largely based on #youki and provides a thin layer between the Syd #sandbox and #containers. It supports all the common commands and is compatible with both #Docker and #Podman. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang. Read more about syd-oci here: https://man.exherbolinux.org/syd-oci.1.html

Where was he, huh? #youki #rage
Rigolitch - Rage Against The Youki (RATM vs Richard Gotainer) - YouTube https://www.youtube.com/watch?v=Y5P0IxNIXpQ