• ivn@jlai.lu
    link
    fedilink
    arrow-up
    18
    arrow-down
    1
    ·
    4 months ago

    It build in a sandbox, but it’s not run in a sandbox.

    • Vilian
      link
      fedilink
      arrow-up
      2
      arrow-down
      3
      ·
      4 months ago

      I don’t understand, if you run a program inside the sandbox and the program ask for a library, the kernel need to map the library from inside the sandbox to the program, that overhead that I’m talking about

      • Laser@feddit.org
        link
        fedilink
        arrow-up
        22
        arrow-down
        1
        ·
        4 months ago

        This is not how NixOS works. Programs directly link against libraries in the store. There is no sandbox by default when running the binaries.

      • ivn@jlai.lu
        link
        fedilink
        arrow-up
        17
        ·
        4 months ago

        But it’s not run in a sandbox. I’m not sure where you get this from.