Alyssa Ross writes: > This all sounds fine, BUT there are a couple of important things to bear > in mind: > > • This needs to be maintainable. I don't know how much code this is > going to be our how complex it's going to be, but that this will be > totally custom does make me a bit concerned. When you submit this, it might be helpful if you can structure it as adding one sandboxing feature at a time (and ideally ordered by your expectation of least to most controversial), so we can start getting it in gradually. A small program that adds landlock rules sounds fine. Once we start getting into namespaces I get a little scared. (Not saying no, just that I'd expect we'll have to discuss it more.)