GET https://kbin.spritesserver.nl/d/madaidans-insecurities.github.io/hot/%E2%88%9E/all

Response
200 OK
IP
216.73.216.163
Profiled on
Token
f69cf8

Components

19 Twig Components
37 Render Count
37 ms Render Time
16.0 MiB Memory Usage

Components

Name Metadata Render Count Render Time
settings_row_switch 
"App\Twig\Components\SettingsRowSwitchComponent"
components/_settings_row_switch.html.twig 		15 2.80ms
user_settings_row_switch 
"App\Twig\Components\UserSettingsRowSwitchComponent"
components/_user_settings_row_switch.html.twig 		4 1.17ms
settings_row_enum 
"App\Twig\Components\SettingsRowEnumComponent"
components/_settings_row_enum.html.twig 		2 0.52ms
entry 
"App\Twig\Components\EntryComponent"
components/_cached.html.twig 		1 23.32ms
user_inline 
"App\Twig\Components\UserInlineComponent"
components/user_inline.html.twig 		1 6.81ms
date 
"App\Twig\Components\DateComponent"
components/date.html.twig 		1 0.42ms
date_edited 
"App\Twig\Components\DateEditedComponent"
components/date_edited.html.twig 		1 0.24ms
magazine_inline 
"App\Twig\Components\MagazineInlineComponent"
components/magazine_inline.html.twig 		1 0.31ms
vote 
"App\Twig\Components\VoteComponent"
components/vote.html.twig 		1 0.73ms
boost 
"App\Twig\Components\BoostComponent"
components/boost.html.twig 		1 1.67ms
domain 
"App\Twig\Components\DomainComponent"
components/domain.html.twig 		1 1.53ms
domain_sub 
"App\Twig\Components\DomainSubComponent"
components/domain_sub.html.twig 		1 0.70ms
related_magazines 
"App\Twig\Components\RelatedMagazinesComponent"
components/_cached.html.twig 		1 2.10ms
active_users 
"App\Twig\Components\ActiveUsersComponent"
components/_cached.html.twig 		1 0.24ms
related_categories 
"App\Twig\Components\RelatedCategoriesComponent"
components/_cached.html.twig 		1 1.51ms
related_posts 
"App\Twig\Components\RelatedPostsComponent"
components/_cached.html.twig 		1 1.93ms
related_entries 
"App\Twig\Components\RelatedEntriesComponent"
components/_cached.html.twig 		1 1.71ms
support_us_block 
"App\Twig\Components\SupportUsBlock"
components/_cached.html.twig 		1 0.19ms
featured_magazines 
"App\Twig\Components\FeaturedMagazinesComponent"
components/_cached.html.twig 		1 0.93ms

Render calls

entry App\Twig\Components\EntryComponent 16.0 MiB 23.32 ms
Input props 
[
  "entry" => App\Entity\Entry {#1789
    +user: Proxies\__CG__\App\Entity\User {#1399
      +avatar: null
      +cover: null
      +email: "Pantherina@feddit.de"
      +username: "@Pantherina@feddit.de"
      +roles: []
      +followersCount: 0
      +homepage: "front"
      +about: null
      +lastActive: DateTime @1721498243 {#2323
        date: 2024-07-20 19:57:23.0 +02:00
      }
      +markedForDeletionAt: null
      +fields: null
      +oauthGithubId: null
      +oauthGoogleId: null
      +oauthFacebookId: null
      +oauthKeycloakId: null
      +hideAdult: true
      +showSubscribedUsers: true
      +showSubscribedMagazines: true
      +showSubscribedDomains: true
      +preferredLanguages: []
      +featuredMagazines: null
      +showProfileSubscriptions: false
      +showProfileFollowings: true
      +markNewComments: false
      +notifyOnNewEntry: false
      +notifyOnNewEntryReply: true
      +notifyOnNewEntryCommentReply: true
      +notifyOnNewPost: false
      +notifyOnNewPostReply: true
      +notifyOnNewPostCommentReply: true
      +addMentionsEntries: false
      +addMentionsPosts: true
      +isBanned: false
      +isVerified: false
      +isDeleted: false
      +isBot: false
      +spamProtection: true
      +customCss: null
      +ignoreMagazinesCustomCss: false
      +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
      +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
      +entries: Doctrine\ORM\PersistentCollection {#2336 …}
      +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
      +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
      +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
      +posts: Doctrine\ORM\PersistentCollection {#2073 …}
      +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
      +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
      +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
      +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
      +follows: Doctrine\ORM\PersistentCollection {#2309 …}
      +followers: Doctrine\ORM\PersistentCollection {#2311 …}
      +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
      +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
      +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
      +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
      +reports: Doctrine\ORM\PersistentCollection {#2319 …}
      +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
      +violations: Doctrine\ORM\PersistentCollection {#2195 …}
      +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
      +awards: Doctrine\ORM\PersistentCollection {#2221 …}
      +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
      +categories: Doctrine\ORM\PersistentCollection {#2272 …}
      -id: 48318
      -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
      -totpSecret: null
      -totpBackupCodes: []
      -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
      +apId: "Pantherina@feddit.de"
      +apProfileId: "https://feddit.de/u/Pantherina"
      +apPublicUrl: "https://feddit.de/u/Pantherina"
      +apFollowersUrl: null
      +apInboxUrl: "https://feddit.de/inbox"
      +apDomain: "feddit.de"
      +apPreferredUsername: "Pantherina"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: false
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1721236644 {#2324
        date: 2024-07-17 19:17:24.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1696428300 {#2300
        date: 2023-10-04 16:05:00.0 +02:00
      }
      +__isInitialized__: true
       …2
    }
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1570
      +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#1441
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
      +entries: Doctrine\ORM\PersistentCollection {#1699 …}
      +posts: Doctrine\ORM\PersistentCollection {#1663 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
      +bans: Doctrine\ORM\PersistentCollection {#1587 …}
      +reports: Doctrine\ORM\PersistentCollection {#1568 …}
      +badges: Doctrine\ORM\PersistentCollection {#1562 …}
      +logs: Doctrine\ORM\PersistentCollection {#1604 …}
      +awards: Doctrine\ORM\PersistentCollection {#1692 …}
      +categories: Doctrine\ORM\PersistentCollection {#1625 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#1443
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#1418
        date: 2023-11-02 13:51:08.0 +01:00
      }
      +__isInitialized__: true
       …2
    }
    +image: null
    +domain: App\Entity\Domain {#277
      +entries: Doctrine\ORM\PersistentCollection {#243 …}
      +name: "madaidans-insecurities.github.io"
      +entryCount: 1
      +subscriptionsCount: 0
      +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
      -id: 1090
    }
    +slug: "Just-read-Madaidans-Insecurities-Do-you-know-how-much-is"
    +title: "Just read Madaidans Insecurities. Do you know how much is still relevant?"
    +url: "https://www.madaidans-insecurities.github.io/linux.html"
    +body: """
      Basically\n
      \n
      - Sandboxing is bad, bubblewrap (used in Flatpak) is a really good implementation though. Firefox and other apps are not very well sandboxed though\n
      - The kernel is endangered through user namespaces (used in Flatpak and Podman/Docker containers i.e. in Distrobox and Toolbox too)\n
      - the root password can be extracted veeery easily, especially when entering it through a terminal. Windows “okay” button might actually be more secure!\n
      - X11 is insecure, okay we know that\n
      - the kernel is very bloated and everything in there has all the permissions, which is not needed\n
      - Kernel bugs are often not fixed quickly or at all\n
      - Stable Distros are insecure if only CVE bugs are backported, as many security bugs dont get a CVE\n
      \n
      I am currently experimenting with the hardened Kernel and hardened_malloc, I use GrapheneOS since over a year.\n
      \n
      On Linux its a bit more difficult though, as Flatpak and Distrobox dont work anymore.\n
      \n
      This would mean user namespaces need to be enabled again, which I can’t seem to make work with\n
      \n
      `sudo sysctl -w kernel.unprivileged_users_clone=1`\n
      \n
      But the file doesnt exist and creating it doesnt work, probably needs to be a karg or something?\n
      \n
      I am testing all this using the hardened mod of Ublue (a slight Fedora deviation using its image-based distribution model):\n
      \n
      [github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)\n
      \n
      The images are rather opinionated though and have things like Flatpak removed, making them nearly unusable.\n
      \n
      Maybe nix is a solution? Would this be a good idea?\n
      \n
      Another point, bubblejail is not yet in the Fedora repos, which would be a way to make secure sandboxing accessible. [Here](https://github.com/rusty-snake/fedora-extras/tree/main/bubblejail) is a spec file from rusty-snake.\n
      \n
      What do you know about this?
      """
    +type: "link"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 8
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1700929355 {#2404
      date: 2023-11-25 17:22:35.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1804 …}
    +votes: Doctrine\ORM\PersistentCollection {#1927 …}
    +reports: Doctrine\ORM\PersistentCollection {#1841 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2473 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1535 …}
    +badges: Doctrine\ORM\PersistentCollection {#1542 …}
    +children: []
    -id: 16138
    -titleTs: "'insecur':4 'know':7 'madaidan':3 'much':9 'read':2 'relev':12 'still':11"
    -bodyTs: "'/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':220 '/rusty-snake/fedora-extras/tree/main/bubblejail)':271 '1':177 'access':267 'actual':63 'anoth':248 'anymor':151 'app':18 'backport':110 'bad':4 'base':215 'basic':1 'bit':141 'bloat':78 'bubblejail':250 'bubblewrap':5 'bug':92,108,114 'button':61 'clone':176 'contain':37 'creat':184 'current':121 'cve':107,118 'deviat':210 'difficult':143 'distribut':216 'distro':102 'distrobox':40,148 'doesnt':181,186 'dont':115,149 'easili':51 'enabl':160 'endang':28 'enter':54 'especi':52 'everyth':80 'exist':182 'experi':122 'extract':49 'fedora':209,256 'file':180,275 'firefox':15 'fix':96 'flatpak':8,34,146,231 'get':116 'github.com':219,270 'github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':218 'github.com/rusty-snake/fedora-extras/tree/main/bubblejail)':269 'good':12,246 'grapheneo':132 'harden':125,128,203 'i.e':38 'idea':247 'imag':214,222 'image-bas':213 'implement':13 'insecur':69,104 'karg':193 'kernel':26,75,91,126 'kernel.unprivileged':174 'know':72,283 'like':230 'linux':138 'make':168,233,264 'malloc':129 'mani':112 'mayb':237 'mean':154 'might':62 'mod':204 'model':217 'namespac':31,156 'near':235 'need':90,157,189 'nix':238 'often':94 'okay':60,70 'opinion':225 'password':46 'permiss':86 'podman/docker':36 'point':249 'probabl':188 'quick':97 'rather':224 'realli':11 'remov':232 'repo':257 'root':45 'rusti':278 'rusty-snak':277 'sandbox':2,23,266 'secur':66,113,265 'seem':166 'sinc':133 'slight':208 'snake':279 'solut':241 'someth':195 'spec':274 'stabl':101 'sudo':171 'sysctl':172 'termin':58 'test':198 'thing':229 'though':14,24,144,226 'toolbox':42 'ublu':206 'unus':236 'use':6,32,131,201,211 'user':30,155,175 'veeeri':50 'w':173 'way':262 'well':22 'window':59 'work':150,169,187 'would':153,242,259 'x11':67 'year':136 'yet':253"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1700870525
    +visibility: "visible             "
    +apId: "https://feddit.de/post/5981126"
    +editedAt: null
    +createdAt: DateTimeImmutable @1700784125 {#1828
      date: 2023-11-24 01:02:05.0 +01:00
    }
  }
  "showMagazineName" => true
]
Attributes 
[]
Component 
App\Twig\Components\EntryComponent {#1631
  -authorizationChecker: Symfony\Component\Security\Core\Authorization\AuthorizationChecker {#931 …}
  -newCommentMarkerCount: App\Kbin\NewCommentMarker\NewCommentMarkerCount {#1406 …}
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
  -twig: Twig\Environment {#1252 …}
  -requestStack: Symfony\Component\HttpFoundation\RequestStack {#1328 …}
  -security: Symfony\Bundle\SecurityBundle\Security {#1101 …}
  +entry: App\Entity\Entry {#1789
    +user: Proxies\__CG__\App\Entity\User {#1399
      +avatar: null
      +cover: null
      +email: "Pantherina@feddit.de"
      +username: "@Pantherina@feddit.de"
      +roles: []
      +followersCount: 0
      +homepage: "front"
      +about: null
      +lastActive: DateTime @1721498243 {#2323
        date: 2024-07-20 19:57:23.0 +02:00
      }
      +markedForDeletionAt: null
      +fields: null
      +oauthGithubId: null
      +oauthGoogleId: null
      +oauthFacebookId: null
      +oauthKeycloakId: null
      +hideAdult: true
      +showSubscribedUsers: true
      +showSubscribedMagazines: true
      +showSubscribedDomains: true
      +preferredLanguages: []
      +featuredMagazines: null
      +showProfileSubscriptions: false
      +showProfileFollowings: true
      +markNewComments: false
      +notifyOnNewEntry: false
      +notifyOnNewEntryReply: true
      +notifyOnNewEntryCommentReply: true
      +notifyOnNewPost: false
      +notifyOnNewPostReply: true
      +notifyOnNewPostCommentReply: true
      +addMentionsEntries: false
      +addMentionsPosts: true
      +isBanned: false
      +isVerified: false
      +isDeleted: false
      +isBot: false
      +spamProtection: true
      +customCss: null
      +ignoreMagazinesCustomCss: false
      +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
      +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
      +entries: Doctrine\ORM\PersistentCollection {#2336 …}
      +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
      +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
      +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
      +posts: Doctrine\ORM\PersistentCollection {#2073 …}
      +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
      +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
      +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
      +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
      +follows: Doctrine\ORM\PersistentCollection {#2309 …}
      +followers: Doctrine\ORM\PersistentCollection {#2311 …}
      +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
      +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
      +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
      +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
      +reports: Doctrine\ORM\PersistentCollection {#2319 …}
      +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
      +violations: Doctrine\ORM\PersistentCollection {#2195 …}
      +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
      +awards: Doctrine\ORM\PersistentCollection {#2221 …}
      +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
      +categories: Doctrine\ORM\PersistentCollection {#2272 …}
      -id: 48318
      -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
      -totpSecret: null
      -totpBackupCodes: []
      -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
      +apId: "Pantherina@feddit.de"
      +apProfileId: "https://feddit.de/u/Pantherina"
      +apPublicUrl: "https://feddit.de/u/Pantherina"
      +apFollowersUrl: null
      +apInboxUrl: "https://feddit.de/inbox"
      +apDomain: "feddit.de"
      +apPreferredUsername: "Pantherina"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: false
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1721236644 {#2324
        date: 2024-07-17 19:17:24.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1696428300 {#2300
        date: 2023-10-04 16:05:00.0 +02:00
      }
      +__isInitialized__: true
       …2
    }
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1570
      +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#1441
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
      +entries: Doctrine\ORM\PersistentCollection {#1699 …}
      +posts: Doctrine\ORM\PersistentCollection {#1663 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
      +bans: Doctrine\ORM\PersistentCollection {#1587 …}
      +reports: Doctrine\ORM\PersistentCollection {#1568 …}
      +badges: Doctrine\ORM\PersistentCollection {#1562 …}
      +logs: Doctrine\ORM\PersistentCollection {#1604 …}
      +awards: Doctrine\ORM\PersistentCollection {#1692 …}
      +categories: Doctrine\ORM\PersistentCollection {#1625 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#1443
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#1418
        date: 2023-11-02 13:51:08.0 +01:00
      }
      +__isInitialized__: true
       …2
    }
    +image: null
    +domain: App\Entity\Domain {#277
      +entries: Doctrine\ORM\PersistentCollection {#243 …}
      +name: "madaidans-insecurities.github.io"
      +entryCount: 1
      +subscriptionsCount: 0
      +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
      -id: 1090
    }
    +slug: "Just-read-Madaidans-Insecurities-Do-you-know-how-much-is"
    +title: "Just read Madaidans Insecurities. Do you know how much is still relevant?"
    +url: "https://www.madaidans-insecurities.github.io/linux.html"
    +body: """
      Basically\n
      \n
      - Sandboxing is bad, bubblewrap (used in Flatpak) is a really good implementation though. Firefox and other apps are not very well sandboxed though\n
      - The kernel is endangered through user namespaces (used in Flatpak and Podman/Docker containers i.e. in Distrobox and Toolbox too)\n
      - the root password can be extracted veeery easily, especially when entering it through a terminal. Windows “okay” button might actually be more secure!\n
      - X11 is insecure, okay we know that\n
      - the kernel is very bloated and everything in there has all the permissions, which is not needed\n
      - Kernel bugs are often not fixed quickly or at all\n
      - Stable Distros are insecure if only CVE bugs are backported, as many security bugs dont get a CVE\n
      \n
      I am currently experimenting with the hardened Kernel and hardened_malloc, I use GrapheneOS since over a year.\n
      \n
      On Linux its a bit more difficult though, as Flatpak and Distrobox dont work anymore.\n
      \n
      This would mean user namespaces need to be enabled again, which I can’t seem to make work with\n
      \n
      `sudo sysctl -w kernel.unprivileged_users_clone=1`\n
      \n
      But the file doesnt exist and creating it doesnt work, probably needs to be a karg or something?\n
      \n
      I am testing all this using the hardened mod of Ublue (a slight Fedora deviation using its image-based distribution model):\n
      \n
      [github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)\n
      \n
      The images are rather opinionated though and have things like Flatpak removed, making them nearly unusable.\n
      \n
      Maybe nix is a solution? Would this be a good idea?\n
      \n
      Another point, bubblejail is not yet in the Fedora repos, which would be a way to make secure sandboxing accessible. [Here](https://github.com/rusty-snake/fedora-extras/tree/main/bubblejail) is a spec file from rusty-snake.\n
      \n
      What do you know about this?
      """
    +type: "link"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 8
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1700929355 {#2404
      date: 2023-11-25 17:22:35.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1804 …}
    +votes: Doctrine\ORM\PersistentCollection {#1927 …}
    +reports: Doctrine\ORM\PersistentCollection {#1841 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2473 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1535 …}
    +badges: Doctrine\ORM\PersistentCollection {#1542 …}
    +children: []
    -id: 16138
    -titleTs: "'insecur':4 'know':7 'madaidan':3 'much':9 'read':2 'relev':12 'still':11"
    -bodyTs: "'/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':220 '/rusty-snake/fedora-extras/tree/main/bubblejail)':271 '1':177 'access':267 'actual':63 'anoth':248 'anymor':151 'app':18 'backport':110 'bad':4 'base':215 'basic':1 'bit':141 'bloat':78 'bubblejail':250 'bubblewrap':5 'bug':92,108,114 'button':61 'clone':176 'contain':37 'creat':184 'current':121 'cve':107,118 'deviat':210 'difficult':143 'distribut':216 'distro':102 'distrobox':40,148 'doesnt':181,186 'dont':115,149 'easili':51 'enabl':160 'endang':28 'enter':54 'especi':52 'everyth':80 'exist':182 'experi':122 'extract':49 'fedora':209,256 'file':180,275 'firefox':15 'fix':96 'flatpak':8,34,146,231 'get':116 'github.com':219,270 'github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':218 'github.com/rusty-snake/fedora-extras/tree/main/bubblejail)':269 'good':12,246 'grapheneo':132 'harden':125,128,203 'i.e':38 'idea':247 'imag':214,222 'image-bas':213 'implement':13 'insecur':69,104 'karg':193 'kernel':26,75,91,126 'kernel.unprivileged':174 'know':72,283 'like':230 'linux':138 'make':168,233,264 'malloc':129 'mani':112 'mayb':237 'mean':154 'might':62 'mod':204 'model':217 'namespac':31,156 'near':235 'need':90,157,189 'nix':238 'often':94 'okay':60,70 'opinion':225 'password':46 'permiss':86 'podman/docker':36 'point':249 'probabl':188 'quick':97 'rather':224 'realli':11 'remov':232 'repo':257 'root':45 'rusti':278 'rusty-snak':277 'sandbox':2,23,266 'secur':66,113,265 'seem':166 'sinc':133 'slight':208 'snake':279 'solut':241 'someth':195 'spec':274 'stabl':101 'sudo':171 'sysctl':172 'termin':58 'test':198 'thing':229 'though':14,24,144,226 'toolbox':42 'ublu':206 'unus':236 'use':6,32,131,201,211 'user':30,155,175 'veeeri':50 'w':173 'way':262 'well':22 'window':59 'work':150,169,187 'would':153,242,259 'x11':67 'year':136 'yet':253"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1700870525
    +visibility: "visible             "
    +apId: "https://feddit.de/post/5981126"
    +editedAt: null
    +createdAt: DateTimeImmutable @1700784125 {#1828
      date: 2023-11-24 01:02:05.0 +01:00
    }
  }
  +isSingle: false
  +showShortSentence: true
  +showBody: false
  +showMagazineName: true
  +canSeeTrash: false
  +newComments: 0
}
user_inline App\Twig\Components\UserInlineComponent 16.0 MiB 6.81 ms
Input props 
[
  "user" => Proxies\__CG__\App\Entity\User {#1399
    +avatar: null
    +cover: null
    +email: "Pantherina@feddit.de"
    +username: "@Pantherina@feddit.de"
    +roles: []
    +followersCount: 0
    +homepage: "front"
    +about: null
    +lastActive: DateTime @1721498243 {#2323
      date: 2024-07-20 19:57:23.0 +02:00
    }
    +markedForDeletionAt: null
    +fields: null
    +oauthGithubId: null
    +oauthGoogleId: null
    +oauthFacebookId: null
    +oauthKeycloakId: null
    +hideAdult: true
    +showSubscribedUsers: true
    +showSubscribedMagazines: true
    +showSubscribedDomains: true
    +preferredLanguages: []
    +featuredMagazines: null
    +showProfileSubscriptions: false
    +showProfileFollowings: true
    +markNewComments: false
    +notifyOnNewEntry: false
    +notifyOnNewEntryReply: true
    +notifyOnNewEntryCommentReply: true
    +notifyOnNewPost: false
    +notifyOnNewPostReply: true
    +notifyOnNewPostCommentReply: true
    +addMentionsEntries: false
    +addMentionsPosts: true
    +isBanned: false
    +isVerified: false
    +isDeleted: false
    +isBot: false
    +spamProtection: true
    +customCss: null
    +ignoreMagazinesCustomCss: false
    +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
    +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
    +entries: Doctrine\ORM\PersistentCollection {#2336 …}
    +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
    +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
    +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
    +posts: Doctrine\ORM\PersistentCollection {#2073 …}
    +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
    +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
    +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
    +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
    +follows: Doctrine\ORM\PersistentCollection {#2309 …}
    +followers: Doctrine\ORM\PersistentCollection {#2311 …}
    +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
    +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
    +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
    +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
    +reports: Doctrine\ORM\PersistentCollection {#2319 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
    +violations: Doctrine\ORM\PersistentCollection {#2195 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
    +awards: Doctrine\ORM\PersistentCollection {#2221 …}
    +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
    +categories: Doctrine\ORM\PersistentCollection {#2272 …}
    -id: 48318
    -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
    -totpSecret: null
    -totpBackupCodes: []
    -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
    +apId: "Pantherina@feddit.de"
    +apProfileId: "https://feddit.de/u/Pantherina"
    +apPublicUrl: "https://feddit.de/u/Pantherina"
    +apFollowersUrl: null
    +apInboxUrl: "https://feddit.de/inbox"
    +apDomain: "feddit.de"
    +apPreferredUsername: "Pantherina"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: false
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1721236644 {#2324
      date: 2024-07-17 19:17:24.0 +02:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1696428300 {#2300
      date: 2023-10-04 16:05:00.0 +02:00
    }
    +__isInitialized__: true
     …2
  }
  "showAvatar" => false
]
Attributes 
[]
Component 
App\Twig\Components\UserInlineComponent {#2063
  +user: Proxies\__CG__\App\Entity\User {#1399
    +avatar: null
    +cover: null
    +email: "Pantherina@feddit.de"
    +username: "@Pantherina@feddit.de"
    +roles: []
    +followersCount: 0
    +homepage: "front"
    +about: null
    +lastActive: DateTime @1721498243 {#2323
      date: 2024-07-20 19:57:23.0 +02:00
    }
    +markedForDeletionAt: null
    +fields: null
    +oauthGithubId: null
    +oauthGoogleId: null
    +oauthFacebookId: null
    +oauthKeycloakId: null
    +hideAdult: true
    +showSubscribedUsers: true
    +showSubscribedMagazines: true
    +showSubscribedDomains: true
    +preferredLanguages: []
    +featuredMagazines: null
    +showProfileSubscriptions: false
    +showProfileFollowings: true
    +markNewComments: false
    +notifyOnNewEntry: false
    +notifyOnNewEntryReply: true
    +notifyOnNewEntryCommentReply: true
    +notifyOnNewPost: false
    +notifyOnNewPostReply: true
    +notifyOnNewPostCommentReply: true
    +addMentionsEntries: false
    +addMentionsPosts: true
    +isBanned: false
    +isVerified: false
    +isDeleted: false
    +isBot: false
    +spamProtection: true
    +customCss: null
    +ignoreMagazinesCustomCss: false
    +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
    +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
    +entries: Doctrine\ORM\PersistentCollection {#2336 …}
    +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
    +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
    +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
    +posts: Doctrine\ORM\PersistentCollection {#2073 …}
    +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
    +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
    +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
    +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
    +follows: Doctrine\ORM\PersistentCollection {#2309 …}
    +followers: Doctrine\ORM\PersistentCollection {#2311 …}
    +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
    +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
    +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
    +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
    +reports: Doctrine\ORM\PersistentCollection {#2319 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
    +violations: Doctrine\ORM\PersistentCollection {#2195 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
    +awards: Doctrine\ORM\PersistentCollection {#2221 …}
    +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
    +categories: Doctrine\ORM\PersistentCollection {#2272 …}
    -id: 48318
    -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
    -totpSecret: null
    -totpBackupCodes: []
    -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
    +apId: "Pantherina@feddit.de"
    +apProfileId: "https://feddit.de/u/Pantherina"
    +apPublicUrl: "https://feddit.de/u/Pantherina"
    +apFollowersUrl: null
    +apInboxUrl: "https://feddit.de/inbox"
    +apDomain: "feddit.de"
    +apPreferredUsername: "Pantherina"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: false
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1721236644 {#2324
      date: 2024-07-17 19:17:24.0 +02:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1696428300 {#2300
      date: 2023-10-04 16:05:00.0 +02:00
    }
    +__isInitialized__: true
     …2
  }
  +showAvatar: false
}
date App\Twig\Components\DateComponent 16.0 MiB 0.42 ms
Input props 
[
  "date" => DateTimeImmutable @1700784125 {#1828
    date: 2023-11-24 01:02:05.0 +01:00
  }
]
Attributes 
[]
Component 
App\Twig\Components\DateComponent {#2150
  +date: DateTimeImmutable @1700784125 {#1828
    date: 2023-11-24 01:02:05.0 +01:00
  }
}
date_edited App\Twig\Components\DateEditedComponent 16.0 MiB 0.24 ms
Input props 
[
  "createdAt" => DateTimeImmutable @1700784125 {#1828
    date: 2023-11-24 01:02:05.0 +01:00
  }
  "editedAt" => null
]
Attributes 
[]
Component 
App\Twig\Components\DateEditedComponent {#2368
  +createdAt: DateTimeImmutable @1700784125 {#1828
    date: 2023-11-24 01:02:05.0 +01:00
  }
  +editedAt: null
}
magazine_inline App\Twig\Components\MagazineInlineComponent 16.0 MiB 0.31 ms
Input props 
[
  "magazine" => Proxies\__CG__\App\Entity\Magazine {#1570
    +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
    +name: "linux@lemmy.ml"
    +title: "linux"
    +description: """
      From Wikipedia, the free encyclopedia\n
      \n
      Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
      \n
      Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
      \n
      ### Rules\n
      \n
      - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
      - No misinformation\n
      - No NSFW content\n
      - No hate speech, bigotry, etc\n
      \n
      ### Related Communities\n
      \n
      - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
      - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
      - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
      - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
      \n
      Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 1406
    +entryCommentCount: 28632
    +postCount: 6
    +postCommentCount: 214
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729583542 {#1441
      date: 2024-10-22 09:52:22.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
    +entries: Doctrine\ORM\PersistentCollection {#1699 …}
    +posts: Doctrine\ORM\PersistentCollection {#1663 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
    +bans: Doctrine\ORM\PersistentCollection {#1587 …}
    +reports: Doctrine\ORM\PersistentCollection {#1568 …}
    +badges: Doctrine\ORM\PersistentCollection {#1562 …}
    +logs: Doctrine\ORM\PersistentCollection {#1604 …}
    +awards: Doctrine\ORM\PersistentCollection {#1692 …}
    +categories: Doctrine\ORM\PersistentCollection {#1625 …}
    -id: 73
    +apId: "linux@lemmy.ml"
    +apProfileId: "https://lemmy.ml/c/linux"
    +apPublicUrl: "https://lemmy.ml/c/linux"
    +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
    +apInboxUrl: "https://lemmy.ml/inbox"
    +apDomain: "lemmy.ml"
    +apPreferredUsername: "linux"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1729583596 {#1443
      date: 2024-10-22 09:53:16.0 +02:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1698929468 {#1418
      date: 2023-11-02 13:51:08.0 +01:00
    }
    +__isInitialized__: true
     …2
  }
  "showAvatar" => false
]
Attributes 
[]
Component 
App\Twig\Components\MagazineInlineComponent {#2533
  +magazine: Proxies\__CG__\App\Entity\Magazine {#1570
    +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
    +name: "linux@lemmy.ml"
    +title: "linux"
    +description: """
      From Wikipedia, the free encyclopedia\n
      \n
      Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
      \n
      Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
      \n
      ### Rules\n
      \n
      - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
      - No misinformation\n
      - No NSFW content\n
      - No hate speech, bigotry, etc\n
      \n
      ### Related Communities\n
      \n
      - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
      - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
      - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
      - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
      \n
      Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 1406
    +entryCommentCount: 28632
    +postCount: 6
    +postCommentCount: 214
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729583542 {#1441
      date: 2024-10-22 09:52:22.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
    +entries: Doctrine\ORM\PersistentCollection {#1699 …}
    +posts: Doctrine\ORM\PersistentCollection {#1663 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
    +bans: Doctrine\ORM\PersistentCollection {#1587 …}
    +reports: Doctrine\ORM\PersistentCollection {#1568 …}
    +badges: Doctrine\ORM\PersistentCollection {#1562 …}
    +logs: Doctrine\ORM\PersistentCollection {#1604 …}
    +awards: Doctrine\ORM\PersistentCollection {#1692 …}
    +categories: Doctrine\ORM\PersistentCollection {#1625 …}
    -id: 73
    +apId: "linux@lemmy.ml"
    +apProfileId: "https://lemmy.ml/c/linux"
    +apPublicUrl: "https://lemmy.ml/c/linux"
    +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
    +apInboxUrl: "https://lemmy.ml/inbox"
    +apDomain: "lemmy.ml"
    +apPreferredUsername: "linux"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1729583596 {#1443
      date: 2024-10-22 09:53:16.0 +02:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1698929468 {#1418
      date: 2023-11-02 13:51:08.0 +01:00
    }
    +__isInitialized__: true
     …2
  }
  +showTitle: true
  +fullName: false
  +stretchedLink: false
  +showAvatar: false
}
vote App\Twig\Components\VoteComponent 16.0 MiB 0.73 ms
Input props 
[
  "subject" => App\Entity\Entry {#1789
    +user: Proxies\__CG__\App\Entity\User {#1399
      +avatar: null
      +cover: null
      +email: "Pantherina@feddit.de"
      +username: "@Pantherina@feddit.de"
      +roles: []
      +followersCount: 0
      +homepage: "front"
      +about: null
      +lastActive: DateTime @1721498243 {#2323
        date: 2024-07-20 19:57:23.0 +02:00
      }
      +markedForDeletionAt: null
      +fields: null
      +oauthGithubId: null
      +oauthGoogleId: null
      +oauthFacebookId: null
      +oauthKeycloakId: null
      +hideAdult: true
      +showSubscribedUsers: true
      +showSubscribedMagazines: true
      +showSubscribedDomains: true
      +preferredLanguages: []
      +featuredMagazines: null
      +showProfileSubscriptions: false
      +showProfileFollowings: true
      +markNewComments: false
      +notifyOnNewEntry: false
      +notifyOnNewEntryReply: true
      +notifyOnNewEntryCommentReply: true
      +notifyOnNewPost: false
      +notifyOnNewPostReply: true
      +notifyOnNewPostCommentReply: true
      +addMentionsEntries: false
      +addMentionsPosts: true
      +isBanned: false
      +isVerified: false
      +isDeleted: false
      +isBot: false
      +spamProtection: true
      +customCss: null
      +ignoreMagazinesCustomCss: false
      +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
      +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
      +entries: Doctrine\ORM\PersistentCollection {#2336 …}
      +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
      +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
      +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
      +posts: Doctrine\ORM\PersistentCollection {#2073 …}
      +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
      +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
      +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
      +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
      +follows: Doctrine\ORM\PersistentCollection {#2309 …}
      +followers: Doctrine\ORM\PersistentCollection {#2311 …}
      +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
      +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
      +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
      +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
      +reports: Doctrine\ORM\PersistentCollection {#2319 …}
      +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
      +violations: Doctrine\ORM\PersistentCollection {#2195 …}
      +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
      +awards: Doctrine\ORM\PersistentCollection {#2221 …}
      +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
      +categories: Doctrine\ORM\PersistentCollection {#2272 …}
      -id: 48318
      -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
      -totpSecret: null
      -totpBackupCodes: []
      -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
      +apId: "Pantherina@feddit.de"
      +apProfileId: "https://feddit.de/u/Pantherina"
      +apPublicUrl: "https://feddit.de/u/Pantherina"
      +apFollowersUrl: null
      +apInboxUrl: "https://feddit.de/inbox"
      +apDomain: "feddit.de"
      +apPreferredUsername: "Pantherina"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: false
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1721236644 {#2324
        date: 2024-07-17 19:17:24.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1696428300 {#2300
        date: 2023-10-04 16:05:00.0 +02:00
      }
      +__isInitialized__: true
       …2
    }
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1570
      +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#1441
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
      +entries: Doctrine\ORM\PersistentCollection {#1699 …}
      +posts: Doctrine\ORM\PersistentCollection {#1663 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
      +bans: Doctrine\ORM\PersistentCollection {#1587 …}
      +reports: Doctrine\ORM\PersistentCollection {#1568 …}
      +badges: Doctrine\ORM\PersistentCollection {#1562 …}
      +logs: Doctrine\ORM\PersistentCollection {#1604 …}
      +awards: Doctrine\ORM\PersistentCollection {#1692 …}
      +categories: Doctrine\ORM\PersistentCollection {#1625 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#1443
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#1418
        date: 2023-11-02 13:51:08.0 +01:00
      }
      +__isInitialized__: true
       …2
    }
    +image: null
    +domain: App\Entity\Domain {#277
      +entries: Doctrine\ORM\PersistentCollection {#243 …}
      +name: "madaidans-insecurities.github.io"
      +entryCount: 1
      +subscriptionsCount: 0
      +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
      -id: 1090
    }
    +slug: "Just-read-Madaidans-Insecurities-Do-you-know-how-much-is"
    +title: "Just read Madaidans Insecurities. Do you know how much is still relevant?"
    +url: "https://www.madaidans-insecurities.github.io/linux.html"
    +body: """
      Basically\n
      \n
      - Sandboxing is bad, bubblewrap (used in Flatpak) is a really good implementation though. Firefox and other apps are not very well sandboxed though\n
      - The kernel is endangered through user namespaces (used in Flatpak and Podman/Docker containers i.e. in Distrobox and Toolbox too)\n
      - the root password can be extracted veeery easily, especially when entering it through a terminal. Windows “okay” button might actually be more secure!\n
      - X11 is insecure, okay we know that\n
      - the kernel is very bloated and everything in there has all the permissions, which is not needed\n
      - Kernel bugs are often not fixed quickly or at all\n
      - Stable Distros are insecure if only CVE bugs are backported, as many security bugs dont get a CVE\n
      \n
      I am currently experimenting with the hardened Kernel and hardened_malloc, I use GrapheneOS since over a year.\n
      \n
      On Linux its a bit more difficult though, as Flatpak and Distrobox dont work anymore.\n
      \n
      This would mean user namespaces need to be enabled again, which I can’t seem to make work with\n
      \n
      `sudo sysctl -w kernel.unprivileged_users_clone=1`\n
      \n
      But the file doesnt exist and creating it doesnt work, probably needs to be a karg or something?\n
      \n
      I am testing all this using the hardened mod of Ublue (a slight Fedora deviation using its image-based distribution model):\n
      \n
      [github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)\n
      \n
      The images are rather opinionated though and have things like Flatpak removed, making them nearly unusable.\n
      \n
      Maybe nix is a solution? Would this be a good idea?\n
      \n
      Another point, bubblejail is not yet in the Fedora repos, which would be a way to make secure sandboxing accessible. [Here](https://github.com/rusty-snake/fedora-extras/tree/main/bubblejail) is a spec file from rusty-snake.\n
      \n
      What do you know about this?
      """
    +type: "link"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 8
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1700929355 {#2404
      date: 2023-11-25 17:22:35.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1804 …}
    +votes: Doctrine\ORM\PersistentCollection {#1927 …}
    +reports: Doctrine\ORM\PersistentCollection {#1841 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2473 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1535 …}
    +badges: Doctrine\ORM\PersistentCollection {#1542 …}
    +children: []
    -id: 16138
    -titleTs: "'insecur':4 'know':7 'madaidan':3 'much':9 'read':2 'relev':12 'still':11"
    -bodyTs: "'/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':220 '/rusty-snake/fedora-extras/tree/main/bubblejail)':271 '1':177 'access':267 'actual':63 'anoth':248 'anymor':151 'app':18 'backport':110 'bad':4 'base':215 'basic':1 'bit':141 'bloat':78 'bubblejail':250 'bubblewrap':5 'bug':92,108,114 'button':61 'clone':176 'contain':37 'creat':184 'current':121 'cve':107,118 'deviat':210 'difficult':143 'distribut':216 'distro':102 'distrobox':40,148 'doesnt':181,186 'dont':115,149 'easili':51 'enabl':160 'endang':28 'enter':54 'especi':52 'everyth':80 'exist':182 'experi':122 'extract':49 'fedora':209,256 'file':180,275 'firefox':15 'fix':96 'flatpak':8,34,146,231 'get':116 'github.com':219,270 'github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':218 'github.com/rusty-snake/fedora-extras/tree/main/bubblejail)':269 'good':12,246 'grapheneo':132 'harden':125,128,203 'i.e':38 'idea':247 'imag':214,222 'image-bas':213 'implement':13 'insecur':69,104 'karg':193 'kernel':26,75,91,126 'kernel.unprivileged':174 'know':72,283 'like':230 'linux':138 'make':168,233,264 'malloc':129 'mani':112 'mayb':237 'mean':154 'might':62 'mod':204 'model':217 'namespac':31,156 'near':235 'need':90,157,189 'nix':238 'often':94 'okay':60,70 'opinion':225 'password':46 'permiss':86 'podman/docker':36 'point':249 'probabl':188 'quick':97 'rather':224 'realli':11 'remov':232 'repo':257 'root':45 'rusti':278 'rusty-snak':277 'sandbox':2,23,266 'secur':66,113,265 'seem':166 'sinc':133 'slight':208 'snake':279 'solut':241 'someth':195 'spec':274 'stabl':101 'sudo':171 'sysctl':172 'termin':58 'test':198 'thing':229 'though':14,24,144,226 'toolbox':42 'ublu':206 'unus':236 'use':6,32,131,201,211 'user':30,155,175 'veeeri':50 'w':173 'way':262 'well':22 'window':59 'work':150,169,187 'would':153,242,259 'x11':67 'year':136 'yet':253"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1700870525
    +visibility: "visible             "
    +apId: "https://feddit.de/post/5981126"
    +editedAt: null
    +createdAt: DateTimeImmutable @1700784125 {#1828
      date: 2023-11-24 01:02:05.0 +01:00
    }
  }
]
Attributes 
[]
Component 
App\Twig\Components\VoteComponent {#2600
  +subject: App\Entity\Entry {#1789
    +user: Proxies\__CG__\App\Entity\User {#1399
      +avatar: null
      +cover: null
      +email: "Pantherina@feddit.de"
      +username: "@Pantherina@feddit.de"
      +roles: []
      +followersCount: 0
      +homepage: "front"
      +about: null
      +lastActive: DateTime @1721498243 {#2323
        date: 2024-07-20 19:57:23.0 +02:00
      }
      +markedForDeletionAt: null
      +fields: null
      +oauthGithubId: null
      +oauthGoogleId: null
      +oauthFacebookId: null
      +oauthKeycloakId: null
      +hideAdult: true
      +showSubscribedUsers: true
      +showSubscribedMagazines: true
      +showSubscribedDomains: true
      +preferredLanguages: []
      +featuredMagazines: null
      +showProfileSubscriptions: false
      +showProfileFollowings: true
      +markNewComments: false
      +notifyOnNewEntry: false
      +notifyOnNewEntryReply: true
      +notifyOnNewEntryCommentReply: true
      +notifyOnNewPost: false
      +notifyOnNewPostReply: true
      +notifyOnNewPostCommentReply: true
      +addMentionsEntries: false
      +addMentionsPosts: true
      +isBanned: false
      +isVerified: false
      +isDeleted: false
      +isBot: false
      +spamProtection: true
      +customCss: null
      +ignoreMagazinesCustomCss: false
      +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
      +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
      +entries: Doctrine\ORM\PersistentCollection {#2336 …}
      +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
      +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
      +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
      +posts: Doctrine\ORM\PersistentCollection {#2073 …}
      +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
      +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
      +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
      +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
      +follows: Doctrine\ORM\PersistentCollection {#2309 …}
      +followers: Doctrine\ORM\PersistentCollection {#2311 …}
      +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
      +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
      +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
      +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
      +reports: Doctrine\ORM\PersistentCollection {#2319 …}
      +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
      +violations: Doctrine\ORM\PersistentCollection {#2195 …}
      +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
      +awards: Doctrine\ORM\PersistentCollection {#2221 …}
      +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
      +categories: Doctrine\ORM\PersistentCollection {#2272 …}
      -id: 48318
      -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
      -totpSecret: null
      -totpBackupCodes: []
      -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
      +apId: "Pantherina@feddit.de"
      +apProfileId: "https://feddit.de/u/Pantherina"
      +apPublicUrl: "https://feddit.de/u/Pantherina"
      +apFollowersUrl: null
      +apInboxUrl: "https://feddit.de/inbox"
      +apDomain: "feddit.de"
      +apPreferredUsername: "Pantherina"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: false
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1721236644 {#2324
        date: 2024-07-17 19:17:24.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1696428300 {#2300
        date: 2023-10-04 16:05:00.0 +02:00
      }
      +__isInitialized__: true
       …2
    }
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1570
      +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#1441
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
      +entries: Doctrine\ORM\PersistentCollection {#1699 …}
      +posts: Doctrine\ORM\PersistentCollection {#1663 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
      +bans: Doctrine\ORM\PersistentCollection {#1587 …}
      +reports: Doctrine\ORM\PersistentCollection {#1568 …}
      +badges: Doctrine\ORM\PersistentCollection {#1562 …}
      +logs: Doctrine\ORM\PersistentCollection {#1604 …}
      +awards: Doctrine\ORM\PersistentCollection {#1692 …}
      +categories: Doctrine\ORM\PersistentCollection {#1625 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#1443
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#1418
        date: 2023-11-02 13:51:08.0 +01:00
      }
      +__isInitialized__: true
       …2
    }
    +image: null
    +domain: App\Entity\Domain {#277
      +entries: Doctrine\ORM\PersistentCollection {#243 …}
      +name: "madaidans-insecurities.github.io"
      +entryCount: 1
      +subscriptionsCount: 0
      +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
      -id: 1090
    }
    +slug: "Just-read-Madaidans-Insecurities-Do-you-know-how-much-is"
    +title: "Just read Madaidans Insecurities. Do you know how much is still relevant?"
    +url: "https://www.madaidans-insecurities.github.io/linux.html"
    +body: """
      Basically\n
      \n
      - Sandboxing is bad, bubblewrap (used in Flatpak) is a really good implementation though. Firefox and other apps are not very well sandboxed though\n
      - The kernel is endangered through user namespaces (used in Flatpak and Podman/Docker containers i.e. in Distrobox and Toolbox too)\n
      - the root password can be extracted veeery easily, especially when entering it through a terminal. Windows “okay” button might actually be more secure!\n
      - X11 is insecure, okay we know that\n
      - the kernel is very bloated and everything in there has all the permissions, which is not needed\n
      - Kernel bugs are often not fixed quickly or at all\n
      - Stable Distros are insecure if only CVE bugs are backported, as many security bugs dont get a CVE\n
      \n
      I am currently experimenting with the hardened Kernel and hardened_malloc, I use GrapheneOS since over a year.\n
      \n
      On Linux its a bit more difficult though, as Flatpak and Distrobox dont work anymore.\n
      \n
      This would mean user namespaces need to be enabled again, which I can’t seem to make work with\n
      \n
      `sudo sysctl -w kernel.unprivileged_users_clone=1`\n
      \n
      But the file doesnt exist and creating it doesnt work, probably needs to be a karg or something?\n
      \n
      I am testing all this using the hardened mod of Ublue (a slight Fedora deviation using its image-based distribution model):\n
      \n
      [github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)\n
      \n
      The images are rather opinionated though and have things like Flatpak removed, making them nearly unusable.\n
      \n
      Maybe nix is a solution? Would this be a good idea?\n
      \n
      Another point, bubblejail is not yet in the Fedora repos, which would be a way to make secure sandboxing accessible. [Here](https://github.com/rusty-snake/fedora-extras/tree/main/bubblejail) is a spec file from rusty-snake.\n
      \n
      What do you know about this?
      """
    +type: "link"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 8
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1700929355 {#2404
      date: 2023-11-25 17:22:35.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1804 …}
    +votes: Doctrine\ORM\PersistentCollection {#1927 …}
    +reports: Doctrine\ORM\PersistentCollection {#1841 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2473 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1535 …}
    +badges: Doctrine\ORM\PersistentCollection {#1542 …}
    +children: []
    -id: 16138
    -titleTs: "'insecur':4 'know':7 'madaidan':3 'much':9 'read':2 'relev':12 'still':11"
    -bodyTs: "'/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':220 '/rusty-snake/fedora-extras/tree/main/bubblejail)':271 '1':177 'access':267 'actual':63 'anoth':248 'anymor':151 'app':18 'backport':110 'bad':4 'base':215 'basic':1 'bit':141 'bloat':78 'bubblejail':250 'bubblewrap':5 'bug':92,108,114 'button':61 'clone':176 'contain':37 'creat':184 'current':121 'cve':107,118 'deviat':210 'difficult':143 'distribut':216 'distro':102 'distrobox':40,148 'doesnt':181,186 'dont':115,149 'easili':51 'enabl':160 'endang':28 'enter':54 'especi':52 'everyth':80 'exist':182 'experi':122 'extract':49 'fedora':209,256 'file':180,275 'firefox':15 'fix':96 'flatpak':8,34,146,231 'get':116 'github.com':219,270 'github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':218 'github.com/rusty-snake/fedora-extras/tree/main/bubblejail)':269 'good':12,246 'grapheneo':132 'harden':125,128,203 'i.e':38 'idea':247 'imag':214,222 'image-bas':213 'implement':13 'insecur':69,104 'karg':193 'kernel':26,75,91,126 'kernel.unprivileged':174 'know':72,283 'like':230 'linux':138 'make':168,233,264 'malloc':129 'mani':112 'mayb':237 'mean':154 'might':62 'mod':204 'model':217 'namespac':31,156 'near':235 'need':90,157,189 'nix':238 'often':94 'okay':60,70 'opinion':225 'password':46 'permiss':86 'podman/docker':36 'point':249 'probabl':188 'quick':97 'rather':224 'realli':11 'remov':232 'repo':257 'root':45 'rusti':278 'rusty-snak':277 'sandbox':2,23,266 'secur':66,113,265 'seem':166 'sinc':133 'slight':208 'snake':279 'solut':241 'someth':195 'spec':274 'stabl':101 'sudo':171 'sysctl':172 'termin':58 'test':198 'thing':229 'though':14,24,144,226 'toolbox':42 'ublu':206 'unus':236 'use':6,32,131,201,211 'user':30,155,175 'veeeri':50 'w':173 'way':262 'well':22 'window':59 'work':150,169,187 'would':153,242,259 'x11':67 'year':136 'yet':253"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1700870525
    +visibility: "visible             "
    +apId: "https://feddit.de/post/5981126"
    +editedAt: null
    +createdAt: DateTimeImmutable @1700784125 {#1828
      date: 2023-11-24 01:02:05.0 +01:00
    }
  }
  +formDest: "entry"
  +showDownvote: true
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
}
boost App\Twig\Components\BoostComponent 16.0 MiB 1.67 ms
Input props 
[
  "subject" => App\Entity\Entry {#1789
    +user: Proxies\__CG__\App\Entity\User {#1399
      +avatar: null
      +cover: null
      +email: "Pantherina@feddit.de"
      +username: "@Pantherina@feddit.de"
      +roles: []
      +followersCount: 0
      +homepage: "front"
      +about: null
      +lastActive: DateTime @1721498243 {#2323
        date: 2024-07-20 19:57:23.0 +02:00
      }
      +markedForDeletionAt: null
      +fields: null
      +oauthGithubId: null
      +oauthGoogleId: null
      +oauthFacebookId: null
      +oauthKeycloakId: null
      +hideAdult: true
      +showSubscribedUsers: true
      +showSubscribedMagazines: true
      +showSubscribedDomains: true
      +preferredLanguages: []
      +featuredMagazines: null
      +showProfileSubscriptions: false
      +showProfileFollowings: true
      +markNewComments: false
      +notifyOnNewEntry: false
      +notifyOnNewEntryReply: true
      +notifyOnNewEntryCommentReply: true
      +notifyOnNewPost: false
      +notifyOnNewPostReply: true
      +notifyOnNewPostCommentReply: true
      +addMentionsEntries: false
      +addMentionsPosts: true
      +isBanned: false
      +isVerified: false
      +isDeleted: false
      +isBot: false
      +spamProtection: true
      +customCss: null
      +ignoreMagazinesCustomCss: false
      +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
      +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
      +entries: Doctrine\ORM\PersistentCollection {#2336 …}
      +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
      +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
      +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
      +posts: Doctrine\ORM\PersistentCollection {#2073 …}
      +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
      +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
      +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
      +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
      +follows: Doctrine\ORM\PersistentCollection {#2309 …}
      +followers: Doctrine\ORM\PersistentCollection {#2311 …}
      +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
      +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
      +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
      +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
      +reports: Doctrine\ORM\PersistentCollection {#2319 …}
      +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
      +violations: Doctrine\ORM\PersistentCollection {#2195 …}
      +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
      +awards: Doctrine\ORM\PersistentCollection {#2221 …}
      +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
      +categories: Doctrine\ORM\PersistentCollection {#2272 …}
      -id: 48318
      -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
      -totpSecret: null
      -totpBackupCodes: []
      -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
      +apId: "Pantherina@feddit.de"
      +apProfileId: "https://feddit.de/u/Pantherina"
      +apPublicUrl: "https://feddit.de/u/Pantherina"
      +apFollowersUrl: null
      +apInboxUrl: "https://feddit.de/inbox"
      +apDomain: "feddit.de"
      +apPreferredUsername: "Pantherina"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: false
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1721236644 {#2324
        date: 2024-07-17 19:17:24.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1696428300 {#2300
        date: 2023-10-04 16:05:00.0 +02:00
      }
      +__isInitialized__: true
       …2
    }
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1570
      +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#1441
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
      +entries: Doctrine\ORM\PersistentCollection {#1699 …}
      +posts: Doctrine\ORM\PersistentCollection {#1663 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
      +bans: Doctrine\ORM\PersistentCollection {#1587 …}
      +reports: Doctrine\ORM\PersistentCollection {#1568 …}
      +badges: Doctrine\ORM\PersistentCollection {#1562 …}
      +logs: Doctrine\ORM\PersistentCollection {#1604 …}
      +awards: Doctrine\ORM\PersistentCollection {#1692 …}
      +categories: Doctrine\ORM\PersistentCollection {#1625 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#1443
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#1418
        date: 2023-11-02 13:51:08.0 +01:00
      }
      +__isInitialized__: true
       …2
    }
    +image: null
    +domain: App\Entity\Domain {#277
      +entries: Doctrine\ORM\PersistentCollection {#243 …}
      +name: "madaidans-insecurities.github.io"
      +entryCount: 1
      +subscriptionsCount: 0
      +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
      -id: 1090
    }
    +slug: "Just-read-Madaidans-Insecurities-Do-you-know-how-much-is"
    +title: "Just read Madaidans Insecurities. Do you know how much is still relevant?"
    +url: "https://www.madaidans-insecurities.github.io/linux.html"
    +body: """
      Basically\n
      \n
      - Sandboxing is bad, bubblewrap (used in Flatpak) is a really good implementation though. Firefox and other apps are not very well sandboxed though\n
      - The kernel is endangered through user namespaces (used in Flatpak and Podman/Docker containers i.e. in Distrobox and Toolbox too)\n
      - the root password can be extracted veeery easily, especially when entering it through a terminal. Windows “okay” button might actually be more secure!\n
      - X11 is insecure, okay we know that\n
      - the kernel is very bloated and everything in there has all the permissions, which is not needed\n
      - Kernel bugs are often not fixed quickly or at all\n
      - Stable Distros are insecure if only CVE bugs are backported, as many security bugs dont get a CVE\n
      \n
      I am currently experimenting with the hardened Kernel and hardened_malloc, I use GrapheneOS since over a year.\n
      \n
      On Linux its a bit more difficult though, as Flatpak and Distrobox dont work anymore.\n
      \n
      This would mean user namespaces need to be enabled again, which I can’t seem to make work with\n
      \n
      `sudo sysctl -w kernel.unprivileged_users_clone=1`\n
      \n
      But the file doesnt exist and creating it doesnt work, probably needs to be a karg or something?\n
      \n
      I am testing all this using the hardened mod of Ublue (a slight Fedora deviation using its image-based distribution model):\n
      \n
      [github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)\n
      \n
      The images are rather opinionated though and have things like Flatpak removed, making them nearly unusable.\n
      \n
      Maybe nix is a solution? Would this be a good idea?\n
      \n
      Another point, bubblejail is not yet in the Fedora repos, which would be a way to make secure sandboxing accessible. [Here](https://github.com/rusty-snake/fedora-extras/tree/main/bubblejail) is a spec file from rusty-snake.\n
      \n
      What do you know about this?
      """
    +type: "link"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 8
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1700929355 {#2404
      date: 2023-11-25 17:22:35.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1804 …}
    +votes: Doctrine\ORM\PersistentCollection {#1927 …}
    +reports: Doctrine\ORM\PersistentCollection {#1841 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2473 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1535 …}
    +badges: Doctrine\ORM\PersistentCollection {#1542 …}
    +children: []
    -id: 16138
    -titleTs: "'insecur':4 'know':7 'madaidan':3 'much':9 'read':2 'relev':12 'still':11"
    -bodyTs: "'/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':220 '/rusty-snake/fedora-extras/tree/main/bubblejail)':271 '1':177 'access':267 'actual':63 'anoth':248 'anymor':151 'app':18 'backport':110 'bad':4 'base':215 'basic':1 'bit':141 'bloat':78 'bubblejail':250 'bubblewrap':5 'bug':92,108,114 'button':61 'clone':176 'contain':37 'creat':184 'current':121 'cve':107,118 'deviat':210 'difficult':143 'distribut':216 'distro':102 'distrobox':40,148 'doesnt':181,186 'dont':115,149 'easili':51 'enabl':160 'endang':28 'enter':54 'especi':52 'everyth':80 'exist':182 'experi':122 'extract':49 'fedora':209,256 'file':180,275 'firefox':15 'fix':96 'flatpak':8,34,146,231 'get':116 'github.com':219,270 'github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':218 'github.com/rusty-snake/fedora-extras/tree/main/bubblejail)':269 'good':12,246 'grapheneo':132 'harden':125,128,203 'i.e':38 'idea':247 'imag':214,222 'image-bas':213 'implement':13 'insecur':69,104 'karg':193 'kernel':26,75,91,126 'kernel.unprivileged':174 'know':72,283 'like':230 'linux':138 'make':168,233,264 'malloc':129 'mani':112 'mayb':237 'mean':154 'might':62 'mod':204 'model':217 'namespac':31,156 'near':235 'need':90,157,189 'nix':238 'often':94 'okay':60,70 'opinion':225 'password':46 'permiss':86 'podman/docker':36 'point':249 'probabl':188 'quick':97 'rather':224 'realli':11 'remov':232 'repo':257 'root':45 'rusti':278 'rusty-snak':277 'sandbox':2,23,266 'secur':66,113,265 'seem':166 'sinc':133 'slight':208 'snake':279 'solut':241 'someth':195 'spec':274 'stabl':101 'sudo':171 'sysctl':172 'termin':58 'test':198 'thing':229 'though':14,24,144,226 'toolbox':42 'ublu':206 'unus':236 'use':6,32,131,201,211 'user':30,155,175 'veeeri':50 'w':173 'way':262 'well':22 'window':59 'work':150,169,187 'would':153,242,259 'x11':67 'year':136 'yet':253"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1700870525
    +visibility: "visible             "
    +apId: "https://feddit.de/post/5981126"
    +editedAt: null
    +createdAt: DateTimeImmutable @1700784125 {#1828
      date: 2023-11-24 01:02:05.0 +01:00
    }
  }
]
Attributes 
[]
Component 
App\Twig\Components\BoostComponent {#2667
  +formDest: "entry"
  +subject: App\Entity\Entry {#1789
    +user: Proxies\__CG__\App\Entity\User {#1399
      +avatar: null
      +cover: null
      +email: "Pantherina@feddit.de"
      +username: "@Pantherina@feddit.de"
      +roles: []
      +followersCount: 0
      +homepage: "front"
      +about: null
      +lastActive: DateTime @1721498243 {#2323
        date: 2024-07-20 19:57:23.0 +02:00
      }
      +markedForDeletionAt: null
      +fields: null
      +oauthGithubId: null
      +oauthGoogleId: null
      +oauthFacebookId: null
      +oauthKeycloakId: null
      +hideAdult: true
      +showSubscribedUsers: true
      +showSubscribedMagazines: true
      +showSubscribedDomains: true
      +preferredLanguages: []
      +featuredMagazines: null
      +showProfileSubscriptions: false
      +showProfileFollowings: true
      +markNewComments: false
      +notifyOnNewEntry: false
      +notifyOnNewEntryReply: true
      +notifyOnNewEntryCommentReply: true
      +notifyOnNewPost: false
      +notifyOnNewPostReply: true
      +notifyOnNewPostCommentReply: true
      +addMentionsEntries: false
      +addMentionsPosts: true
      +isBanned: false
      +isVerified: false
      +isDeleted: false
      +isBot: false
      +spamProtection: true
      +customCss: null
      +ignoreMagazinesCustomCss: false
      +moderatorTokens: Doctrine\ORM\PersistentCollection {#2334 …}
      +magazineOwnershipRequests: Doctrine\ORM\PersistentCollection {#2341 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#2337 …}
      +entries: Doctrine\ORM\PersistentCollection {#2336 …}
      +entryVotes: Doctrine\ORM\PersistentCollection {#2339 …}
      +entryComments: Doctrine\ORM\PersistentCollection {#2159 …}
      +entryCommentVotes: Doctrine\ORM\PersistentCollection {#2070 …}
      +posts: Doctrine\ORM\PersistentCollection {#2073 …}
      +postVotes: Doctrine\ORM\PersistentCollection {#2058 …}
      +postComments: Doctrine\ORM\PersistentCollection {#2118 …}
      +postCommentVotes: Doctrine\ORM\PersistentCollection {#2232 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#2108 …}
      +subscribedDomains: Doctrine\ORM\PersistentCollection {#2057 …}
      +follows: Doctrine\ORM\PersistentCollection {#2309 …}
      +followers: Doctrine\ORM\PersistentCollection {#2311 …}
      +blocks: Doctrine\ORM\PersistentCollection {#2303 …}
      +blockers: Doctrine\ORM\PersistentCollection {#2306 …}
      +blockedMagazines: Doctrine\ORM\PersistentCollection {#2280 …}
      +blockedDomains: Doctrine\ORM\PersistentCollection {#2279 …}
      +reports: Doctrine\ORM\PersistentCollection {#2319 …}
      +favourites: Doctrine\ORM\PersistentCollection {#2222 …}
      +violations: Doctrine\ORM\PersistentCollection {#2195 …}
      +notifications: Doctrine\ORM\PersistentCollection {#2197 …}
      +awards: Doctrine\ORM\PersistentCollection {#2221 …}
      +subscribedCategories: Doctrine\ORM\PersistentCollection {#2208 …}
      +categories: Doctrine\ORM\PersistentCollection {#2272 …}
      -id: 48318
      -password: "$2y$13$ltFqzTJ0eHIMY8NTIUV0JOoX1AZlaj64ntUxYh5oQTJrg6.lxQmuC"
      -totpSecret: null
      -totpBackupCodes: []
      -oAuth2UserConsents: Doctrine\ORM\PersistentCollection {#2236 …}
      +apId: "Pantherina@feddit.de"
      +apProfileId: "https://feddit.de/u/Pantherina"
      +apPublicUrl: "https://feddit.de/u/Pantherina"
      +apFollowersUrl: null
      +apInboxUrl: "https://feddit.de/inbox"
      +apDomain: "feddit.de"
      +apPreferredUsername: "Pantherina"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: false
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1721236644 {#2324
        date: 2024-07-17 19:17:24.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1696428300 {#2300
        date: 2023-10-04 16:05:00.0 +02:00
      }
      +__isInitialized__: true
       …2
    }
    +magazine: Proxies\__CG__\App\Entity\Magazine {#1570
      +icon: Proxies\__CG__\App\Entity\Image {#1439 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#1441
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#1440 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#1694 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#1610 …}
      +entries: Doctrine\ORM\PersistentCollection {#1699 …}
      +posts: Doctrine\ORM\PersistentCollection {#1663 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#1678 …}
      +bans: Doctrine\ORM\PersistentCollection {#1587 …}
      +reports: Doctrine\ORM\PersistentCollection {#1568 …}
      +badges: Doctrine\ORM\PersistentCollection {#1562 …}
      +logs: Doctrine\ORM\PersistentCollection {#1604 …}
      +awards: Doctrine\ORM\PersistentCollection {#1692 …}
      +categories: Doctrine\ORM\PersistentCollection {#1625 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#1443
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#1418
        date: 2023-11-02 13:51:08.0 +01:00
      }
      +__isInitialized__: true
       …2
    }
    +image: null
    +domain: App\Entity\Domain {#277
      +entries: Doctrine\ORM\PersistentCollection {#243 …}
      +name: "madaidans-insecurities.github.io"
      +entryCount: 1
      +subscriptionsCount: 0
      +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
      -id: 1090
    }
    +slug: "Just-read-Madaidans-Insecurities-Do-you-know-how-much-is"
    +title: "Just read Madaidans Insecurities. Do you know how much is still relevant?"
    +url: "https://www.madaidans-insecurities.github.io/linux.html"
    +body: """
      Basically\n
      \n
      - Sandboxing is bad, bubblewrap (used in Flatpak) is a really good implementation though. Firefox and other apps are not very well sandboxed though\n
      - The kernel is endangered through user namespaces (used in Flatpak and Podman/Docker containers i.e. in Distrobox and Toolbox too)\n
      - the root password can be extracted veeery easily, especially when entering it through a terminal. Windows “okay” button might actually be more secure!\n
      - X11 is insecure, okay we know that\n
      - the kernel is very bloated and everything in there has all the permissions, which is not needed\n
      - Kernel bugs are often not fixed quickly or at all\n
      - Stable Distros are insecure if only CVE bugs are backported, as many security bugs dont get a CVE\n
      \n
      I am currently experimenting with the hardened Kernel and hardened_malloc, I use GrapheneOS since over a year.\n
      \n
      On Linux its a bit more difficult though, as Flatpak and Distrobox dont work anymore.\n
      \n
      This would mean user namespaces need to be enabled again, which I can’t seem to make work with\n
      \n
      `sudo sysctl -w kernel.unprivileged_users_clone=1`\n
      \n
      But the file doesnt exist and creating it doesnt work, probably needs to be a karg or something?\n
      \n
      I am testing all this using the hardened mod of Ublue (a slight Fedora deviation using its image-based distribution model):\n
      \n
      [github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)\n
      \n
      The images are rather opinionated though and have things like Flatpak removed, making them nearly unusable.\n
      \n
      Maybe nix is a solution? Would this be a good idea?\n
      \n
      Another point, bubblejail is not yet in the Fedora repos, which would be a way to make secure sandboxing accessible. [Here](https://github.com/rusty-snake/fedora-extras/tree/main/bubblejail) is a spec file from rusty-snake.\n
      \n
      What do you know about this?
      """
    +type: "link"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 8
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1700929355 {#2404
      date: 2023-11-25 17:22:35.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1804 …}
    +votes: Doctrine\ORM\PersistentCollection {#1927 …}
    +reports: Doctrine\ORM\PersistentCollection {#1841 …}
    +favourites: Doctrine\ORM\PersistentCollection {#2473 …}
    +notifications: Doctrine\ORM\PersistentCollection {#1535 …}
    +badges: Doctrine\ORM\PersistentCollection {#1542 …}
    +children: []
    -id: 16138
    -titleTs: "'insecur':4 'know':7 'madaidan':3 'much':9 'read':2 'relev':12 'still':11"
    -bodyTs: "'/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':220 '/rusty-snake/fedora-extras/tree/main/bubblejail)':271 '1':177 'access':267 'actual':63 'anoth':248 'anymor':151 'app':18 'backport':110 'bad':4 'base':215 'basic':1 'bit':141 'bloat':78 'bubblejail':250 'bubblewrap':5 'bug':92,108,114 'button':61 'clone':176 'contain':37 'creat':184 'current':121 'cve':107,118 'deviat':210 'difficult':143 'distribut':216 'distro':102 'distrobox':40,148 'doesnt':181,186 'dont':115,149 'easili':51 'enabl':160 'endang':28 'enter':54 'especi':52 'everyth':80 'exist':182 'experi':122 'extract':49 'fedora':209,256 'file':180,275 'firefox':15 'fix':96 'flatpak':8,34,146,231 'get':116 'github.com':219,270 'github.com/qoijjj/hardened-images](https://github.com/qoijjj/hardened-images)':218 'github.com/rusty-snake/fedora-extras/tree/main/bubblejail)':269 'good':12,246 'grapheneo':132 'harden':125,128,203 'i.e':38 'idea':247 'imag':214,222 'image-bas':213 'implement':13 'insecur':69,104 'karg':193 'kernel':26,75,91,126 'kernel.unprivileged':174 'know':72,283 'like':230 'linux':138 'make':168,233,264 'malloc':129 'mani':112 'mayb':237 'mean':154 'might':62 'mod':204 'model':217 'namespac':31,156 'near':235 'need':90,157,189 'nix':238 'often':94 'okay':60,70 'opinion':225 'password':46 'permiss':86 'podman/docker':36 'point':249 'probabl':188 'quick':97 'rather':224 'realli':11 'remov':232 'repo':257 'root':45 'rusti':278 'rusty-snak':277 'sandbox':2,23,266 'secur':66,113,265 'seem':166 'sinc':133 'slight':208 'snake':279 'solut':241 'someth':195 'spec':274 'stabl':101 'sudo':171 'sysctl':172 'termin':58 'test':198 'thing':229 'though':14,24,144,226 'toolbox':42 'ublu':206 'unus':236 'use':6,32,131,201,211 'user':30,155,175 'veeeri':50 'w':173 'way':262 'well':22 'window':59 'work':150,169,187 'would':153,242,259 'x11':67 'year':136 'yet':253"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1700870525
    +visibility: "visible             "
    +apId: "https://feddit.de/post/5981126"
    +editedAt: null
    +createdAt: DateTimeImmutable @1700784125 {#1828
      date: 2023-11-24 01:02:05.0 +01:00
    }
  }
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
}
domain App\Twig\Components\DomainComponent 16.0 MiB 1.53 ms
Input props 
[
  "domain" => App\Entity\Domain {#277
    +entries: Doctrine\ORM\PersistentCollection {#243 …}
    +name: "madaidans-insecurities.github.io"
    +entryCount: 1
    +subscriptionsCount: 0
    +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
    -id: 1090
  }
]
Attributes 
[]
Component 
App\Twig\Components\DomainComponent {#2969
  +domain: App\Entity\Domain {#277
    +entries: Doctrine\ORM\PersistentCollection {#243 …}
    +name: "madaidans-insecurities.github.io"
    +entryCount: 1
    +subscriptionsCount: 0
    +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
    -id: 1090
  }
}
domain_sub App\Twig\Components\DomainSubComponent 16.0 MiB 0.70 ms
Input props 
[
  "domain" => App\Entity\Domain {#277
    +entries: Doctrine\ORM\PersistentCollection {#243 …}
    +name: "madaidans-insecurities.github.io"
    +entryCount: 1
    +subscriptionsCount: 0
    +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
    -id: 1090
  }
]
Attributes 
[]
Component 
App\Twig\Components\DomainSubComponent {#2994
  +domain: App\Entity\Domain {#277
    +entries: Doctrine\ORM\PersistentCollection {#243 …}
    +name: "madaidans-insecurities.github.io"
    +entryCount: 1
    +subscriptionsCount: 0
    +subscriptions: Doctrine\ORM\PersistentCollection {#265 …}
    -id: 1090
  }
}
settings_row_enum App\Twig\Components\SettingsRowEnumComponent 16.0 MiB 0.33 ms
Input props 
[
  "label" => "Sidebar position"
  "settingsKey" => "KBIN_GENERAL_SIDEBAR_POSITION"
  "values" => [
    [
      "name" => "Left"
      "value" => "LEFT"
    ]
    [
      "name" => "Right"
      "value" => "RIGHT"
    ]
  ]
  "defaultValue" => "RIGHT"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowEnumComponent {#3148
  +label: "Sidebar position"
  +help: ""
  +settingsKey: "KBIN_GENERAL_SIDEBAR_POSITION"
  +values: [
    [
      "name" => "Left"
      "value" => "LEFT"
    ]
    [
      "name" => "Right"
      "value" => "RIGHT"
    ]
  ]
  +defaultValue: "RIGHT"
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.29 ms
Input props 
[
  "label" => "Dynamic lists"
  "settingsKey" => "KBIN_GENERAL_DYNAMIC_LISTS"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3220
  +label: "Dynamic lists"
  +help: ""
  +settingsKey: "KBIN_GENERAL_DYNAMIC_LISTS"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.21 ms
Input props 
[
  "label" => "Rounded edges"
  "settingsKey" => "KBIN_GENERAL_ROUNDED_EDGES"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3283
  +label: "Rounded edges"
  +help: ""
  +settingsKey: "KBIN_GENERAL_ROUNDED_EDGES"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.28 ms
Input props 
[
  "label" => "Infinite scrolling"
  "help" => "Automatically load more content when you reach the bottom of the page."
  "settingsKey" => "KBIN_GENERAL_INFINITE_SCROLL"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3339
  +label: "Infinite scrolling"
  +help: "Automatically load more content when you reach the bottom of the page."
  +settingsKey: "KBIN_GENERAL_INFINITE_SCROLL"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.25 ms
Input props 
[
  "label" => "Sticky navbar"
  "help" => "The navbar will stick to the top of the page when you scroll down."
  "settingsKey" => "KBIN_GENERAL_FIXED_NAVBAR"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3398
  +label: "Sticky navbar"
  +help: "The navbar will stick to the top of the page when you scroll down."
  +settingsKey: "KBIN_GENERAL_FIXED_NAVBAR"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.22 ms
Input props 
[
  "label" => "Show top bar"
  "settingsKey" => "KBIN_GENERAL_TOPBAR"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3454
  +label: "Show top bar"
  +help: ""
  +settingsKey: "KBIN_GENERAL_TOPBAR"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.21 ms
Input props 
[
  "label" => "Turbo mode (experimental)"
  "settingsKey" => "KBIN_GENERAL_TURBO"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3510
  +label: "Turbo mode (experimental)"
  +help: ""
  +settingsKey: "KBIN_GENERAL_TURBO"
  +defaultValue: false
  +reloadRequired: true
}
user_settings_row_switch App\Twig\Components\UserSettingsRowSwitchComponent 16.0 MiB 0.65 ms
Input props 
[
  "label" => "Mark new comments"
  "settingsKey" => "KBIN_MARK_NEW_COMMENTS"
]
Attributes 
[]
Component 
App\Twig\Components\UserSettingsRowSwitchComponent {#3568
  +label: "Mark new comments"
  +help: ""
  +settingsKey: "KBIN_MARK_NEW_COMMENTS"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.23 ms
Input props 
[
  "label" => "Show "Support Us" block"
  "settingsKey" => "KBIN_GENERAL_SUPPORT_US_BLOCK"
  "defaultValue" => true
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3631
  +label: "Show "Support Us" block"
  +help: ""
  +settingsKey: "KBIN_GENERAL_SUPPORT_US_BLOCK"
  +defaultValue: true
  +reloadRequired: true
}
user_settings_row_switch App\Twig\Components\UserSettingsRowSwitchComponent 16.0 MiB 0.25 ms
Input props 
[
  "label" => "Show subscribed users"
  "settingsKey" => "KBIN_SUB_CHANNEL_USERS"
]
Attributes 
[]
Component 
App\Twig\Components\UserSettingsRowSwitchComponent {#3689
  +label: "Show subscribed users"
  +help: ""
  +settingsKey: "KBIN_SUB_CHANNEL_USERS"
  +defaultValue: false
  +reloadRequired: true
}
user_settings_row_switch App\Twig\Components\UserSettingsRowSwitchComponent 16.0 MiB 0.14 ms
Input props 
[
  "label" => "Show subscribed magazines"
  "settingsKey" => "KBIN_SUB_CHANNEL_MAGAZINES"
]
Attributes 
[]
Component 
App\Twig\Components\UserSettingsRowSwitchComponent {#3745
  +label: "Show subscribed magazines"
  +help: ""
  +settingsKey: "KBIN_SUB_CHANNEL_MAGAZINES"
  +defaultValue: false
  +reloadRequired: true
}
user_settings_row_switch App\Twig\Components\UserSettingsRowSwitchComponent 16.0 MiB 0.13 ms
Input props 
[
  "label" => "Show subscribed domains"
  "settingsKey" => "KBIN_SUB_CHANNEL_DOMAINS"
]
Attributes 
[]
Component 
App\Twig\Components\UserSettingsRowSwitchComponent {#3801
  +label: "Show subscribed domains"
  +help: ""
  +settingsKey: "KBIN_SUB_CHANNEL_DOMAINS"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.12 ms
Input props 
[
  "label" => "Auto media preview"
  "help" => "Automatically expand media previews."
  "settingsKey" => "KBIN_ENTRIES_SHOW_PREVIEW"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3857
  +label: "Auto media preview"
  +help: "Automatically expand media previews."
  +settingsKey: "KBIN_ENTRIES_SHOW_PREVIEW"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.12 ms
Input props 
[
  "label" => "Compact view"
  "settingsKey" => "KBIN_ENTRIES_COMPACT"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3913
  +label: "Compact view"
  +help: ""
  +settingsKey: "KBIN_ENTRIES_COMPACT"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.12 ms
Input props 
[
  "label" => "Show users’ avatars"
  "settingsKey" => "KBIN_ENTRIES_SHOW_USERS_AVATARS"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#3969
  +label: "Show users’ avatars"
  +help: ""
  +settingsKey: "KBIN_ENTRIES_SHOW_USERS_AVATARS"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.12 ms
Input props 
[
  "label" => "Show magazines’ icons"
  "settingsKey" => "KBIN_ENTRIES_SHOW_MAGAZINES_ICONS"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#4025
  +label: "Show magazines’ icons"
  +help: ""
  +settingsKey: "KBIN_ENTRIES_SHOW_MAGAZINES_ICONS"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.12 ms
Input props 
[
  "label" => "Show thumbnails"
  "settingsKey" => "KBIN_ENTRIES_SHOW_THUMBNAILS"
  "defaultValue" => true
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#4081
  +label: "Show thumbnails"
  +help: ""
  +settingsKey: "KBIN_ENTRIES_SHOW_THUMBNAILS"
  +defaultValue: true
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.20 ms
Input props 
[
  "label" => "Auto media preview"
  "help" => "Automatically expand media previews."
  "settingsKey" => "KBIN_POSTS_SHOW_PREVIEW"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#4137
  +label: "Auto media preview"
  +help: "Automatically expand media previews."
  +settingsKey: "KBIN_POSTS_SHOW_PREVIEW"
  +defaultValue: false
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.13 ms
Input props 
[
  "label" => "Show users’ avatars"
  "settingsKey" => "KBIN_POSTS_SHOW_USERS_AVATARS"
  "defaultValue" => true
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#4193
  +label: "Show users’ avatars"
  +help: ""
  +settingsKey: "KBIN_POSTS_SHOW_USERS_AVATARS"
  +defaultValue: true
  +reloadRequired: true
}
settings_row_enum App\Twig\Components\SettingsRowEnumComponent 16.0 MiB 0.19 ms
Input props 
[
  "label" => "Comment reply position"
  "help" => "Display the comment reply form either at the top or bottom of the page. When 'infinite scroll' is enabled the position will always appear at the top."
  "settingsKey" => "KBIN_COMMENTS_REPLY_POSITION"
  "values" => [
    [
      "name" => "top"
      "value" => "TOP"
    ]
    [
      "name" => "bottom"
      "value" => "BOTTOM"
    ]
  ]
  "defaultValue" => "TOP"
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowEnumComponent {#4249
  +label: "Comment reply position"
  +help: "Display the comment reply form either at the top or bottom of the page. When 'infinite scroll' is enabled the position will always appear at the top."
  +settingsKey: "KBIN_COMMENTS_REPLY_POSITION"
  +values: [
    [
      "name" => "top"
      "value" => "TOP"
    ]
    [
      "name" => "bottom"
      "value" => "BOTTOM"
    ]
  ]
  +defaultValue: "TOP"
  +reloadRequired: true
}
settings_row_switch App\Twig\Components\SettingsRowSwitchComponent 16.0 MiB 0.18 ms
Input props 
[
  "label" => "Show Comment Avatars"
  "help" => "Display/hide user avatars when viewing comments on a single thread or post."
  "settingsKey" => "KBIN_COMMENTS_SHOW_USER_AVATAR"
  "defaultValue" => true
]
Attributes 
[]
Component 
App\Twig\Components\SettingsRowSwitchComponent {#4307
  +label: "Show Comment Avatars"
  +help: "Display/hide user avatars when viewing comments on a single thread or post."
  +settingsKey: "KBIN_COMMENTS_SHOW_USER_AVATAR"
  +defaultValue: true
  +reloadRequired: true
}
related_magazines App\Twig\Components\RelatedMagazinesComponent 16.0 MiB 2.10 ms
Input props 
[
  "magazine" => null
  "tag" => null
]
Attributes 
[]
Component 
App\Twig\Components\RelatedMagazinesComponent {#4372
  +limit: 4
  +tag: null
  +magazine: null
  +type: "random"
  +title: "random_magazines"
  +refreshedRandom: false
  -repository: App\Repository\MagazineRepository {#4373 …}
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
  -twig: Twig\Environment {#1252 …}
  -requestStack: Symfony\Component\HttpFoundation\RequestStack {#1328 …}
}
active_users App\Twig\Components\ActiveUsersComponent 16.0 MiB 0.24 ms
Input props 
[
  "magazine" => null
]
Attributes 
[]
Component 
App\Twig\Components\ActiveUsersComponent {#4462
  +magazine: null
  -userRepository: App\Repository\UserRepository {#603 …}
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
  -twig: Twig\Environment {#1252 …}
  -requestStack: Symfony\Component\HttpFoundation\RequestStack {#1328 …}
}
related_categories App\Twig\Components\RelatedCategoriesComponent 16.0 MiB 1.51 ms
Input props 
[
  "magazine" => null
  "tag" => null
]
Attributes 
[]
Component 
App\Twig\Components\RelatedCategoriesComponent {#4521
  +limit: 4
  +tag: null
  +magazine: null
  +type: "random"
  +title: "random_categories"
  +refreshedRandom: false
  -repository: App\Repository\CategoryRepository {#4522 …}
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
  -twig: Twig\Environment {#1252 …}
  -requestStack: Symfony\Component\HttpFoundation\RequestStack {#1328 …}
}
related_posts App\Twig\Components\RelatedPostsComponent 16.0 MiB 1.93 ms
Input props 
[
  "magazine" => null
  "tag" => null
]
Attributes 
[]
Component 
App\Twig\Components\RelatedPostsComponent {#4592
  +limit: 4
  +tag: null
  +magazine: null
  +type: "random"
  +post: null
  +title: "random_posts"
  +refreshedRandom: false
  -repository: App\Repository\PostRepository {#4591 …}
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
  -twig: Twig\Environment {#1252 …}
  -requestStack: Symfony\Component\HttpFoundation\RequestStack {#1328 …}
  -mentionManager: App\Service\MentionManager {#2327 …}
}
related_entries App\Twig\Components\RelatedEntriesComponent 16.0 MiB 1.71 ms
Input props 
[
  "magazine" => null
  "tag" => null
]
Attributes 
[]
Component 
App\Twig\Components\RelatedEntriesComponent {#4661
  +limit: 4
  +tag: null
  +magazine: null
  +type: "random"
  +entry: null
  +title: "random_entries"
  +refreshedRandom: false
  -repository: App\Repository\EntryRepository {#556 …}
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
  -twig: Twig\Environment {#1252 …}
  -requestStack: Symfony\Component\HttpFoundation\RequestStack {#1328 …}
  -mentionManager: App\Service\MentionManager {#2327 …}
}
support_us_block App\Twig\Components\SupportUsBlock 16.0 MiB 0.19 ms
Input props 
[]
Attributes 
[]
Component 
App\Twig\Components\SupportUsBlock {#4730
  +subject: ? App\Entity\Contracts\VotableInterface
  +url: ? string
  -twig: Twig\Environment {#1252 …}
  -cache: Symfony\Component\Cache\Adapter\TraceableTagAwareAdapter {#600 …}
  -requestStack: Symfony\Component\HttpFoundation\RequestStack {#1328 …}
  -partnerBlockRepository: App\Repository\PartnerBlockRepository {#4731 …}
}
featured_magazines App\Twig\Components\FeaturedMagazinesComponent 16.0 MiB 0.93 ms
Input props 
[
  "magazine" => null
]
Attributes 
[]
Component 
App\Twig\Components\FeaturedMagazinesComponent {#4823
  +magazine: null
  -twig: Twig\Environment {#1252 …}
  -repository: App\Repository\MagazineRepository {#4373 …}
}