Evaluate current state of Linux namespaces

We should evaluate if a container-based solution (e.g. LXC or unshare(1)) is now a viable, secure-enough solution for creating isolated jails.

See the blueprint for the current state of our research.

Original created by @intrigeri on 6178 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information