Essentially it’s just: remove .py files an execute del os.environ[“SESSION_TOKEN“]? This doesn’t really sound very secure, there are a number of ways to bypass both of these.
It’s just security through obscurity
yakkomajuri 50 minutes ago [-]
I think this is pretty standard and similar to approaches that are evolving naturally (I've certainly used very similar patterns).
I'd be pretty keen to actually hear more about the Unikraft setup and other deeper details about the agent sandboxes regarding the tradeoffs and optimizations made. All the components are there but has someone open-sourced a more plug-and-play setup like this?
jeremyjacob 46 minutes ago [-]
It’s neat to see more projects adopting Unikernals. I’ve played around with Unikraft’s Cloud offering about a year ago when it was CLI/API only and was impressed by the performance but found too many DX and polish issues to take it to production. Looks like they’ve improved a lot of that since.
Bnjoroge 48 minutes ago [-]
maybe the usecase that makes unikernels alot more mainstream. Always found them intriguing
Rendered at 20:51:18 GMT+0000 (Coordinated Universal Time) with Vercel.
Essentially it’s just: remove .py files an execute del os.environ[“SESSION_TOKEN“]? This doesn’t really sound very secure, there are a number of ways to bypass both of these.
It’s just security through obscurity
I'd be pretty keen to actually hear more about the Unikraft setup and other deeper details about the agent sandboxes regarding the tradeoffs and optimizations made. All the components are there but has someone open-sourced a more plug-and-play setup like this?