Comment by eqvinox

14 hours ago

If you don't need it (rootless containers), you can disable unprivileged userns to block these two:

  echo 1 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns

May also break sandboxes (e.g. browser) though.

0 comments

eqvinox

No comments yet