One thing that no one tested is the overhead of all the sandbox, like, each module, library of program run in a sandbox (sometimes they tweak the source code to not need the sandbox), so I wanted to see the overhead of all of that.
I don’t understand. If you run a program inside the sandbox and the program asks for a library, the kernel needs to map the library from inside the sandbox to the program; that's the overhead that I’m talking about.
One thing that no one tested is the overhead of all the sandbox, like, each module, library of program run in a sandbox (sometimes they tweak the source code to not need the sandbox), so I wanted to see the overhead of all of that.
It's built in a sandbox, but it’s not run in a sandbox.
I don’t understand. If you run a program inside the sandbox and the program asks for a library, the kernel needs to map the library from inside the sandbox to the program; that's the overhead that I’m talking about.
But it’s not run in a sandbox. I’m not sure where you get this from.
This is not how NixOS works. Programs directly link against libraries in the store. There is no sandbox by default when running the binaries.