Hacker News: Front Page
shared a link post in group #Stream of Goodies
docs.kernel.org
Landlock: unprivileged access control — The Linux Kernel documentation
The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem or network access) for a set of processes. Because Landlock is a stackable LSM, it makes possible to create safe se