Linux's Landlock Sandboxed Apps Could Remove Restrictions On Itself
Landlock was merged back in 2021 for Linux 5.13 as a means of unprivileged application sandboxing.
For apps that have access to the fork() and keyctl() system calls, it turns out it has been possible to get rid of all Landlock restrictions on the sandboxed application itself. The issue goes back to the code merged in 2021, in the bits that set up the security framework and credential management for this means of unprivileged access control. The good news is that Google engineer Jann Horn has now dealt with this issue of losing track of Landlock restrictions within the "cred_transfer" code.
Or read this on Phoronix