Understanding the AppArmor user namespace restriction feature

Ubuntu 23.10 and 24.04 LTS introduced new AppArmor-based features to reduce the attack surface presented by unprivileged user namespaces in the Linux kernel. Unprivileged user namespaces are a feature in the Linux kernel that was introduced in order to provide additional sandboxing functionality for programs such as container runtimes; it enables unprivileged users to gain administrator (root) permissions within a confined environment...
I despise the way Canonical pretends Discourse forum posts by their team members* are documentation.
I’ve noticed they have been a bit better lately, and have migrated many of the posts to their documentation, but it seems they are doing it again.
Pro tip: You could have just made the documentation directly, with the content of this post. Or maybe a blog post. But please stop with the forum posts. They are very confusing for people not used to these… unique locations.
*Not that people are easily able to find this out when they don’t give any indication that the forum post is something other than just another post by a rando. Actually, I’m just guessing here, based on the quoted reply; for all I know this could be a post by someone unrelated to Canonical. The account is 3 months old, and the post itself is identical to a regular forum post from a regular forum member…
They should at least make a docs tag or similar and tag all these documentation-like posts with it.