But what are "restricted unprivileged user namespaces," you ask? Well, let me start by explaining what "unprivileged user namespaces" are. They're a Linux kernel feature that was introduced in the Linux 3.8 kernel in 2019. The idea was to avoid the security problem caused by the Linux privilege model, which divides users into two groups: normal users and superusers, aka root users. The problem is that when acting as a superuser, there's nothing you can't do. Burn the system to the ground? Sure! Go for it.
There are ways around this problem in this model, but unprivileged user namespaces were an attempt to secure Linux by enabling administrators to set up sandboxes or containers where a normal user could act as a superuser inside a container to perform administrative tasks without being root on the host Linux system.
But then if hackers obtained root privileges within the container, they could break out and wreak havoc in the host system. Whoops!
Unprivileged user namespaces have proven to be a double-edged sword. While they are instrumental in creating secure application sandboxes and replacing many uses of setuid and setgid programs, they expose kernel interfaces to unprivileged users, leading to potential security vulnerabilities. These namespaces have been implicated in several privilege escalation exploit chains.
Ubuntu 23.10 is addressing this challenge head-on. The new release will feature restricted unprivileged user namespaces controlled and regulated by AppArmor policies. This selective approach ensures that only authorized applications can access and utilize these namespaces, significantly mitigating the associated security risks.
In practice, you can selectively allow or disallow unprivileged user namespaces on a per-application basis through AppArmor policy. Canonical will supply pre-built AppArmor policies for popular programs like Chrome, Firefox, and Thunderbird.
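To see which applications a system's policy actually lets create user namespaces, an administrator can audit the profiles directly. The script below is an added example, not code from Canonical or from the original article; it relies on the `kernel.apparmor_restrict_unprivileged_userns` sysctl and the `userns,` profile rule used by Ubuntu's AppArmor, and the two sample profiles (names and paths) are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: report whether the userns restriction is on and which
# AppArmor profiles grant user namespace creation.

# Map the sysctl value to a word. $1 overrides the path (for testing).
userns_restriction_state() {
    f="${1:-/proc/sys/kernel/apparmor_restrict_unprivileged_userns}"
    [ -r "$f" ] || { echo unsupported; return 0; }
    case "$(cat "$f")" in
        0) echo unrestricted ;;
        1) echo restricted ;;
        *) echo unknown ;;
    esac
}

# True if the profile file has an allow-type "userns" rule.
# Comments are stripped first; "deny userns," does not match.
profile_allows_userns() {
    sed 's/#.*//' "$1" |
        grep -Eq '^[[:space:]]*(audit[[:space:]]+)?(allow[[:space:]]+)?userns([[:space:]]+[a-z]+)?[[:space:]]*,'
}

# Print the file name of every profile in $1 that grants userns.
list_userns_profiles() {
    for p in "${1:-/etc/apparmor.d}"/*; do
        [ -f "$p" ] || continue
        if profile_allows_userns "$p"; then basename "$p"; fi
    done
}

# Constructed sample profiles (hypothetical names and paths).
make_sample_dir() {
    d=$(mktemp -d)
    printf '%s\n' 'abi <abi/4.0>,' \
        'profile demo-browser /opt/demo/browser flags=(unconfined) {' \
        '  userns,' '}' > "$d/demo-browser"
    printf '%s\n' 'profile demo-tool /usr/bin/demo-tool {' \
        '  # userns,' '  deny userns,' '}' > "$d/demo-tool"
    echo "$d"
}

sample=$(make_sample_dir)
echo "restriction: $(userns_restriction_state)"
echo "profiles granting userns in sample dir:"
list_userns_profiles "$sample"
rm -rf "$sample"
```

Calling `list_userns_profiles` with no argument scans `/etc/apparmor.d`, which gives a quick inventory of every program that has been granted the exception.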
This feature is exclusive to Ubuntu 23.10 and will not impact users of previous versions. It marks a significant step in Ubuntu's ongoing efforts to future-proof the security of its operating system against evolving cybersecurity threats while ensuring that user experience remains at the forefront.