Open fira959 opened 3 months ago
One of the sandboxing features currently missing is landlock, which would allow for easy and comprehensive filesystem isolation. In many usecases, a combination of seccomp and landlock would make good alternative to the use of namespaces.
One of the sandboxing features currently missing is landlock, which would allow for easy and comprehensive filesystem isolation. In many usecases, a combination of seccomp and landlock would make good alternative to the use of namespaces.