I’m happy to announce the latest version of `landlock`, a Haskell library to access the Linux Landlock LSM API. This version updates the library to expose all Landlock features up to Linux 6.2 (Landlock ABI 3). It also introduces `landlocked`[1], a utility to spawn some process in a landlocked environment, and serves as a demo of how to use the API (next to the library documentation[2] and README.md[3]). It’s available on Hackage[4] and GitHub[5]. The Linux kernel Landlock API provides unprivileged access control. The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. Because Landlock is a stackable LSM, it makes possible to create safe security sandboxes as new security layers in addition to the existing system-wide access- controls. This kind of sandbox is expected to help mitigate the security impact of bugs or unexpected/malicious behaviors in user space applications. Landlock empowers any process, including unprivileged ones, to securely restrict themselves. For more information, see the Landlock homepage[6] and its kernel documentation[7]. [1] https://github.com/NicolasT/landlock-hs/blob/27d2d95478f8c85cfbf4025bb41d57d... [2] https://hackage.haskell.org/package/landlock-0.2.1.0/docs/System-Landlock.ht... [3] https://github.com/NicolasT/landlock-hs/tree/main/landlock#readme [4] https://hackage.haskell.org/package/landlock-0.2.1.0 [5] https://github.com/NicolasT/landlock-hs [6] https://landlock.io/ [7] https://docs.kernel.org/userspace-api/landlock.html