Evaluate current state of Linux namespaces
We should evaluate if a container-based solution (e.g. LXC or unshare(1)) is now a viable, secure-enough solution for creating isolated jails.
See the blueprint for the current state of our research.
Blueprint: https://tails.boum.org/blueprint/Linux_containers/
Related issues
- Related to #5525 (closed)
- Related to #9534 (closed)
- Related to #15874
Original created by @intrigeri on 6178 (Redmine)