> I'd say that's a weird request as pledge/unveil are significantly less secure, even coming close to security theater IMO.
Compared to not using AppArmor, or compared to using AppArmor? The situation I'm concerned about is having an opt-in profile. (NB I don't understand how AppArmor works—linux security profiles are super confusing.)
Compared to not using AppArmor, or compared to using AppArmor? The situation I'm concerned about is having an opt-in profile. (NB I don't understand how AppArmor works—linux security profiles are super confusing.)