Gros plan sur le #sandboxing applicatif moderne pour #Linux avec #Landlock dans le nouveau MISC.
Un article à retrouver dans notre numéro actuellement disponible en kiosque & sur boutique.ed-diamond.com/nouveautes/1... (version numérique ou papier avec ports offerts).
I gave a talk at #FOSDEM about Island: Sandboxing tool powered by #Landlock
fosdem.org/2026/schedul...
The blog post dives into how #Landlock, originally designed as a security hardening mechanism, can also become a powerful source of telemetry for detection engineering on #Linux systems.
🐧 Leveraging #Landlock Telemetry for #Linux Detection Engineering
Sekoia #TDR explores how Linux Landlock telemetry can be leveraged to build high-fidelity, low-noise detections by observing sandbox policy violations.
blog.sekoia.io/leveraging-l...
Just released Island 🏝️, a sandboxing tool powered by #Landlock.
It auto‑confines processes according to the caller's context (e.g. CWD) and comes with slick Zsh integration, so you can use your terminal naturally without command prefixes. Feedback welcome!
github.com/landlock-lsm...
Hardening with Firejail, Landlock, and bubblewrap #security #linux #bwrap #landlock #firejail advancedweb.hu/shorts/harde...
APORTE NUEVO:
Landlock (OVA)
lecv140291animes.blogspot.com/2025/11/land...
#ランドロック #Landlock #animedescargas #anime
Configuration example in TOML
I gave a (second) talk at #linuxsecuritysummit on a new configuration format, #Landlock Config, designed to define sandboxing security policies in JSON or TOML.
lsseu2025.sched.com/event/25GET
You can easily try it: github.com/landlock-lsm...
Feedback welcome!
OpenAI Codex CLI leveraging Landlock sandboxing
AI agents can potentially gain extensive access to user data, and even write or execute arbitrary code.
OpenAI Codex CLI uses #Landlock sandboxing to reduce the risk of buggy or malicious commands: github.com/openai/codex...
I just published the fifth #Landlock newsletter! 🤓
- new kernel features: IPC scoping and audit logs
- kernel fixes
- library and talk updates
- new doc
- new open source Landlock users
- RHEL support
lore.kernel.org/landlock/202...
I released a new version of the #Landlock crate: github.com/landlock-lsm...
We can now easily restrict signal sending and connections to abstract UNIX sockets for #rustlang programs.
'Landrun': Lightweight Linux Sandboxing With Landlock, No Root Required #Technology #SoftwareandApps #Other #Linux #Sandboxing #Landlock
Landrun isolation de processus sous Linux sans accès root ni conteneurisation https://github.com
linuxfr.org/users/woffer/liens/landr...
#sandbox #linux #lsm #isolation #golang #landlock
Event Attributes
Landrun isolation de processus sous Linux sans accès root ni conteneurisation https://github.com
linuxfr.org/users/woffer/liens/landr...
#sandbox #linux #lsm #isolation #golang #landlock #jail
Event Attributes
I'll give a talk at #FOSDEM: #Sandbox IDs with #Landlock
We'll talk about the challenges to identify sandboxed processes in a safe and unprivileged way, and how that could be used to identify #containers.
fosdem.org/2025/schedul...
#FOSDEM2025 #container
