
Re: Bug#1012547: linux: disable user namespaces per default



Seems I'm not the only one who's quite concerned about the ongoing
security impact of user namespaces, as the recent/current discussion
about some LSM patches for 6.1 shows:

99% of all code does NOT WANT the user namespace thing, and it's been
a big new attack surface for the kernel getting things subtly wrong.

It's still a shame to see that Debian intentionally sacrifices the
security of *all* users just for the needs of very few.

I'd very much like to see where Linus gets his "99%" from. Sounds a lot like an "I'm not using it, so 99% of all users aren't using it". Podman certainly supports and uses them, when run as non-root. [1] [2]

The whole point of user namespaces is to *reduce* the attack surface, not increase it. If you don't have a comparable feature, you need to give your applications more power, increasing the risk of system compromise overall.
For example: Running containers or container runtimes as root.

That the implementation has serious issues like this one is sad, but it is more of an indication that the feature wasn't quite ready for general consumption yet, not that it's a bad feature per se. And how would you build a user base and discover issues without making the feature available to the general public?


[1] https://medium.com/techbull/what-is-user-namespace-and-podmans-rootless-containers-fc4c292c6bad
[2] https://opensource.com/article/18/12/podman-and-user-namespaces

