Unless I am mistaken, changing the .openlock/config.yaml (e.g., adding a mount) or .openlock/policy.yaml (e.g., adding an endpoint) requires rebuilding the sandbox container, which makes sense. It would be nice if the tool detected the changes (e.g., by checking file hashes) and act on it when resuming an existing sandbox session by either printing a warning or rebuilding the sandbox. I am not sure if there are some undesired consequences of the latter option.
Unless I am mistaken, changing the
.openlock/config.yaml(e.g., adding a mount) or.openlock/policy.yaml(e.g., adding an endpoint) requires rebuilding the sandbox container, which makes sense. It would be nice if the tool detected the changes (e.g., by checking file hashes) and act on it when resuming an existing sandbox session by either printing a warning or rebuilding the sandbox. I am not sure if there are some undesired consequences of the latter option.