Document hardening, network default, and profile merge rules

2026-04-22 23:14:39 +02:00
parent 6933deb441
commit 862feada05
2 changed files with 11 additions and 3 deletions
@@ -18,7 +18,7 @@ pub struct Args {
    #[arg(long)]
    pub whitelist: bool,

-    /// Harden: unshare IPC, PID, UTS; private /tmp, /dev, /run
+    /// Harden: unshare IPC, PID, UTS namespaces and set hostname to "sandbox" (implied by --whitelist)
    #[arg(long, overrides_with = "no_hardened")]
    pub hardened: bool,