Sandbox I2P
We want to mitigate the impact of security vulnerabilities that I2P may have. The goals would be:
- make privilege escalation from the
i2psvc
user harder - make it harder to read identifiers of the local system, user, etc.
Most likely, we’ll want to use AppArmor to do so. Now, it may be hard to confine a Java application in a useful way with AppArmor.
Feature Branch: kytv:feature/7724-sandbox-i2p
Subtasks
Related issues
- Related to #5370 (closed)
- Related to #9949 (closed)
-
Blocked by #9229 (closed) -
Blocked by #9830 (closed) -
Blocked by #12264
Original created by @intrigeri on 7724 (Redmine)