Comment by staticassertion

You need to be root to set those up. These are typically admin-driven policies, not dev-driven. Landlock is unprivileged, meaning that a program can set its own policy up without root.

This is massive since most ways of dropping privileges on Linux require already having significant permissions (ie: root).