[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1120073: RFP: landrun -- unprivileged Linux process sandboxing

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: Simon Josefsson <simon@josefsson.org>

* Package name    : landrun
  Version         : 0.1.15
  Upstream Author : Armin ranjbar
* URL             : https://github.com/zouuup/landrun
* License         : MIT
  Programming Lang: Go
  Description     : unprivileged Linux process sandboxing

Run any Linux process in a secure, unprivileged sandbox using
Landlock. Think firejail, but lightweight, user-friendly, and baked into
the kernel.

Requires Linux kernel 5.13 or later with Landlock enabled, Linux kernel
6.7 or later for network restrictions (TCP bind/connect) and Go 1.18 or
later (for building from source).

This tool got some press coverage earlier in
<URL: https://linux.slashdot.org/story/25/04/05/217212/landrun-lightweight-linux-sandboxing-with-landlock-no-root-required >.

This is related to <URL: https://bugs.debian.org/1096137 > for packaging
golang-github-landlock-lsm-go-landlock, and I suspect
golang-github-landlock-lsm-go-landlock is a dependency of landrun.

-- 
Happy hacking
Petter Reinholdtsen
Reply to: