Bug#1012547: linux: disable user namespaces per default

[Philippe Cerfon <philcerf@gmail.com>]

On Mon, Jun 13, 2022 at 4:56 PM Ben Hutchings <ben@decadent.org.uk> wrote:
> This is wrong.

Well quite apparently not.

> On the desktop, browsers and Flatpak rely on user
> namespaces for sandboxing (with an alternative being to install more
> programs setuid-root).

At least firefox doesn't seem to need it, neither does KDE, LXDE or
Cinnamon. And last time I've looked, dpkg was still the main and
default package system of Debian, and flatpak just some random
external one. Though maybe one should rename Debian Flatian.

> On servers, use of containers is increasingly
> common.  This is not "special use", it's absolutely standard.

Just as it's absolutely standard not to have any containers.


> We made the decision that the benefits of sandboxing with user
> namespaces are likely to outweigh the risks, on most systems.  Nothing
> you've said convinces me to alter that assessment.

Well I guess the 6 or so root security holes, and counting, probably
just don't matter to Debian then. What does it matter if people's
system are compromised over and over again, as long as the needs of a
fraction of users are satisfied and a special technology runs out of
the box.