Y
Hacker News
new
|
ask
|
show
|
jobs
by
ximm
458 days ago
This looks nice, but I fail to see any use cases that cannot be handled with bwrap and mount namespaces.
2 comments
amarshall
458 days ago
Some systems or admins may not trust unprivileged namespacing (thus disabling and its use requiring root), while Landlock may be enabled (and is specifically designed to be used by unprivileged processes).
link
1oooqooq
458 days ago
namespace, specially user and net, are terrible to setup and use.
I'm not sure this is better, but assuming it is by the author into.
link