- How Rust can build an elegant API around raw memory: This post explains what registers are, what they are used for in bare-metal programming, and how these macros allow for smooth Rust code when working with them.
- Git code audit viewed as a Rust programmer: Analyses the Git source code audit performed by X41 and GitLab, and finds out whether the vulnerabilities found would be mitigated by Rust. From there, describes good security practices when writing code in Rust.
- Simple errors handling in Rust using macros: Describes how, using macros, you can elegantly handle the errors of a whole piece of software.
- Executing the binary: Execute a binary inside our container, resolve issues with dynamic libraries, mount directories inside the environment. Conclusion of the series.
- Syscalls and resources restriction: How to restrict the binary running inside our container in order to protect our system. Introduction to seccomp, syscalls, cgroups, rlimit.
- User namespaces and Linux capabilities: Set up user namespaces, map the UID / GID, restrict the child process with Linux capabilities.
- Defining the container environment: Set the container hostname, modify the container mount point, pivot the root.
- Birth of a child process: Prepare inter-process communication (IPC), create a clone of the parent process while restricting its scope using namespaces.
- Creating the skeleton: Getting the configuration, creating the skeleton for the container, checking the Linux kernel version for compatibility.
- Starting the project: Creation of the project, the logging system, the error handling, and argument validation.
- Introduction to containers: Overview of what a container is, the problem of software isolation it solves, and how it compares to other solutions.