Bug#898446: Please reconsider enabling the user namespaces by default

[Jordan Glover <Golden_Miller83@protonmail.ch>]

I think there are two aspects here. (In)security of unpriv user ns is one of them - personally I'm in favor of opinions from people who argue that the attack vector they open will remain for foreseeable future because kernel is simply too big to fix all bugs. The other thing is that containers & sandboxes ecosystem moved strong towards unpriv user ns which makes them nerfed or unusable on systems which don't support them. In result this is the choice between insecurity and obscurity.

In current state downstream devs may just not care about debian, ask users to enable unpriv user ns or prepare special "debian edition" version of their stuff like suid bwrap which brings security issues on their own[1] (among other problems).

As it was noted vast majority of other distros calculated the costs in favor of enabling unpriv user ns but one need to know that equation has two sides and whether you think unpriv user ns are secure or not is only one of them.

Jordan

[1] https://github.com/containers/bubblewrap/security/advisories/GHSA-j2qp-rvxj-43vj