Announcement

Collapse
No announcement yet.

Still In Development, Landlock Aims To Yield Powerful Security Sandboxes For Linux

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Michael_S
    replied
    Originally posted by unixfan2001 View Post

    Neither Flatpak, nor Snappy, nor AppImage let non-root users set up sandboxes.
    That's done by an SUID helper. Usually Bubblewrap (Flatpak and Snappy both use that one), in the case of AppImage Bubblewrap or Firejail.
    Thanks. I didn't know.

    Leave a comment:


  • unixfan2001
    replied
    Originally posted by Michael_S View Post
    I had to search what eBPF means, I think it's extended Berkeley Packet Filter. If everyone else knew that already, then sorry for my ignorance.

    So really the big innovation here is to let non-root users set up application sandboxes? I thought Snappy, Flatpak, AppImage, etc... facilitated that? Or do you still need root to install all of them?
    Neither Flatpak, nor Snappy, nor AppImage let non-root users set up sandboxes.
    That's done by an SUID helper. Usually Bubblewrap (Flatpak and Snappy both use that one), in the case of AppImage Bubblewrap or Firejail.

    Leave a comment:


  • Jabberwocky
    replied
    I hope it takes less time to study compared to SELinux/AppArmor (from a user's perspective).

    Leave a comment:


  • Michael_S
    replied
    I had to search what eBPF means, I think it's extended Berkeley Packet Filter. If everyone else knew that already, then sorry for my ignorance.

    So really the big innovation here is to let non-root users set up application sandboxes? I thought Snappy, Flatpak, AppImage, etc... facilitated that? Or do you still need root to install all of them?

    Leave a comment:


  • Still In Development, Landlock Aims To Yield Powerful Security Sandboxes For Linux

    Phoronix: Still In Development, Landlock Aims To Yield Powerful Security Sandboxes For Linux

    The Landlock Linux Security Module (LSM) continues to be in development and has now been revised for its seventh time. The last time we wrote about this LSM was last September while over the weekend the newest patches have surfaced...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
Working...
X