Sandbox I2P

We want to mitigate the impact of security vulnerabilities that I2P may have. The goals would be:

• make privilege escalation from the i2psvc user harder
• make it harder to read identifiers of the local system, user, etc.

Most likely, we’ll want to use AppArmor to do so. Now, it may be hard to confine a Java application in a useful way with AppArmor.

Feature Branch: kytv:feature/7724-sandbox-i2p

Subtasks

• #10572
• #10573 (closed)
• #10924
• #10925 (closed)

Related issues

• Related to #5370 (closed)
• Related to #9949 (closed)
• Blocked by #9229 (closed)
• Blocked by #9830 (closed)
• Blocked by #12264

Original created by @intrigeri on 7724 (Redmine)