zie 3 days ago

Yes, but basically nobody uses either of those things. Some vendors like Red Hat enable some of it by default, but when people have issues getting software to work, the first thing they are told to try is to turn all that stuff off.

Which means in the real world, the likelihood of that stuff being on and secure is fairly low, but not zero.

With Landlock, pledge/unveil and similar tech, the developers of the software write and configure it, it's on by default and probably can't be turned off (or at least not easily).

staticassertion 3 days ago

You need to be root to set those up. These are typically admin-driven policies, not dev-driven. Landlock is unprivileged, meaning that a program can set its own policy up without root.

This is massive since most ways of dropping privileges on Linux require already having significant permissions (i.e., root).
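
The self-sandboxing described in the comment above, as an added example that is not part of the thread: a process with no special privileges restricts its own filesystem reads to `/usr` and confirms that `/` is then denied. The function names, result codes and the two paths are assumptions chosen for illustration; it needs a Linux kernel with Landlock (5.13 or later) and its headers.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <linux/landlock.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

enum { ENFORCED = 0, NOT_ENFORCED = 1, UNAVAILABLE = 2 };

/* Runs in the child: allow reads only beneath /usr, then probe both sides. */
static int sandbox_and_probe(void) {
    struct landlock_ruleset_attr attr = {
        .handled_access_fs = LANDLOCK_ACCESS_FS_READ_FILE | LANDLOCK_ACCESS_FS_READ_DIR,
    };
    /* No root, no capability: any process may create a ruleset. */
    int rs = syscall(__NR_landlock_create_ruleset, &attr, sizeof(attr), 0);
    if (rs < 0) return UNAVAILABLE; /* old kernel, Landlock disabled, or syscall filtered */

    struct landlock_path_beneath_attr rule = {
        .allowed_access = attr.handled_access_fs,
        .parent_fd = open("/usr", O_PATH | O_CLOEXEC),
    };
    if (rule.parent_fd < 0 ||
        syscall(__NR_landlock_add_rule, rs, LANDLOCK_RULE_PATH_BENEATH, &rule, 0) ||
        /* Unprivileged callers must give up gaining privileges via execve first. */
        prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
        syscall(__NR_landlock_restrict_self, rs, 0))
        return UNAVAILABLE;

    int inside = open("/usr", O_RDONLY | O_DIRECTORY);  /* allowed by the rule */
    int outside = open("/", O_RDONLY | O_DIRECTORY);    /* not covered: expect EACCES */
    return (inside >= 0 && outside < 0 && errno == EACCES) ? ENFORCED : NOT_ENFORCED;
}

/* Fork so the irreversible restriction applies only to the child. */
int landlock_demo(void) {
    int status;
    pid_t pid = fork();
    if (pid == 0) _exit(sandbox_and_probe());
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return NOT_ENFORCED;
    return WEXITSTATUS(status);
}

int main(void) {
    static const char *msg[] = {"enforced", "not enforced", "Landlock unavailable"};
    printf("%s\n", msg[landlock_demo()]);
    return 0;
}
```

The restriction is inherited by every child of the restricted process and cannot be lifted afterwards, which is why the probe runs in a forked child here.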