[Feature Request] Use landlock for sandboxing VM process #5513

@arch-hash

Description

Feature Request

The jailer could use Landlock to confine the guest VM's processes further, restricting file system access at a finer granularity than the current chroot can provide. This would be a defense-in-depth mechanism if a VM escape or host compromise is attempted.

Describe the desired solution

Landlock would allow apps inside the guest VM to have nested sandboxing for file paths.

Describe possible alternatives

Keep using the existing chroot trick. But that's not ideal.

Additional context

I'm working on an OS similar to QubesOS where every app is a microVM.

Checks

  • Have you searched the Firecracker Issues database for similar requests?
  • Have you read all the existing relevant Firecracker documentation?
  • Have you read and understood Firecracker's core tenets?
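As an added illustration of what the request describes (this is example code written for this page, not Firecracker or jailer code and not from the issue author), the C program below confines a process with Landlock ABI v1 the way a jailer could after its chroot: everything is allowed under one writable directory, only read and execute under one read-only directory, and every other path is denied. The confined child then probes four operations so you can see the policy bite. The two temp directories, the `vm.json` file and the helper names (`landlock_confine`, `landlock_probe`, `add_path_rule`) are constructed for the example; the ABI constants and syscall numbers are copied from the kernel UAPI so it builds without `<linux/landlock.h>`.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Landlock ABI v1 definitions copied from the kernel UAPI so this builds
 * without <linux/landlock.h>. The syscall numbers are the same on all arches. */
#ifndef __NR_landlock_create_ruleset
#define __NR_landlock_create_ruleset 444
#define __NR_landlock_add_rule       445
#define __NR_landlock_restrict_self  446
#endif
struct ll_ruleset_attr { uint64_t handled_access_fs; };
struct ll_path_beneath_attr { uint64_t allowed_access; int32_t parent_fd; } __attribute__((packed));
#define LL_CREATE_RULESET_VERSION (1U << 0)
#define LL_RULE_PATH_BENEATH 1
#define LL_FS_EXECUTE   (1ULL << 0)
#define LL_FS_READ_FILE (1ULL << 2)
#define LL_FS_READ_DIR  (1ULL << 3)
#define LL_FS_ALL_V1    ((1ULL << 13) - 1)   /* the 13 access rights ABI v1 defines */
#define LL_FS_READ_ONLY (LL_FS_EXECUTE | LL_FS_READ_FILE | LL_FS_READ_DIR)

/* Attach a "path beneath" rule: everything under `path` gets `access`. */
static int add_path_rule(int ruleset, const char *path, uint64_t access)
{
    struct ll_path_beneath_attr pb = { .allowed_access = access };
    pb.parent_fd = open(path, O_RDONLY | O_DIRECTORY | O_CLOEXEC); /* O_PATH also works */
    if (pb.parent_fd < 0) return -1;
    int rc = (int)syscall(__NR_landlock_add_rule, ruleset, LL_RULE_PATH_BENEATH, &pb, 0);
    close(pb.parent_fd);
    return rc;
}

/* Confine the calling process: full access under rw_dir, read/exec under ro_dir,
 * nothing else. Because every v1 right is "handled", a path with no rule is
 * denied. Returns 0 on success, 1 when no Landlock is available (old kernel,
 * lsm= disabled, or a seccomp filter answering EPERM), -1 on other errors.
 * A production jailer would also query the ABI version and add the newer
 * rights (REFER, TRUNCATE, ...) the running kernel supports. */
static int landlock_confine(const char *rw_dir, const char *ro_dir)
{
    if (syscall(__NR_landlock_create_ruleset, NULL, 0, LL_CREATE_RULESET_VERSION) < 0)
        return (errno == ENOSYS || errno == EOPNOTSUPP || errno == EPERM) ? 1 : -1;
    struct ll_ruleset_attr attr = { .handled_access_fs = LL_FS_ALL_V1 };
    int ruleset = (int)syscall(__NR_landlock_create_ruleset, &attr, sizeof attr, 0);
    if (ruleset < 0) return -1;
    int rc = -1;
    if (add_path_rule(ruleset, rw_dir, LL_FS_ALL_V1) == 0 &&
        add_path_rule(ruleset, ro_dir, LL_FS_READ_ONLY) == 0 &&
        prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0 &&   /* required without CAP_SYS_ADMIN */
        syscall(__NR_landlock_restrict_self, ruleset, 0) == 0)
        rc = 0;
    close(ruleset);
    return rc;
}

/* Fork a child, confine it to two constructed temp directories and let it try
 * four operations. Returns a bitmask of what the child could still do:
 *   1: create and write a file under rw_dir  (expected allowed)
 *   2: read the constructed file in ro_dir   (expected allowed)
 *   4: create a file under ro_dir            (expected denied)
 *   8: list "/" outside both trees           (expected denied)
 * so a working policy yields 3. Returns -1 if Landlock is unavailable, -2 on
 * setup errors. The parent stays unconfined and cleans up afterwards. */
static int landlock_probe(void)
{
    char rw[] = "/tmp/ll-rw-XXXXXX", ro[] = "/tmp/ll-ro-XXXXXX", ro_file[PATH_MAX], tmp[PATH_MAX];
    if (!mkdtemp(rw) || !mkdtemp(ro)) return -2;
    snprintf(ro_file, sizeof ro_file, "%s/vm.json", ro);
    FILE *f = fopen(ro_file, "w");               /* constructed sample config */
    if (!f) return -2;
    fputs("{\"vcpu_count\": 2}\n", f);
    fclose(f);

    pid_t pid = fork();
    if (pid < 0) return -2;
    if (pid == 0) {
        int st = landlock_confine(rw, ro);
        if (st != 0) _exit(st == 1 ? 100 : 101);
        int mask = 0, fd;
        snprintf(tmp, sizeof tmp, "%s/log", rw);
        if ((fd = open(tmp, O_WRONLY | O_CREAT, 0600)) >= 0) { mask |= 1; close(fd); }
        if ((fd = open(ro_file, O_RDONLY)) >= 0)             { mask |= 2; close(fd); }
        snprintf(tmp, sizeof tmp, "%s/evil", ro);
        if ((fd = open(tmp, O_WRONLY | O_CREAT, 0600)) >= 0) { mask |= 4; close(fd); }
        if ((fd = open("/", O_RDONLY | O_DIRECTORY)) >= 0)   { mask |= 8; close(fd); }
        _exit(mask);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -2;
    snprintf(tmp, sizeof tmp, "%s/log", rw);  unlink(tmp);
    snprintf(tmp, sizeof tmp, "%s/evil", ro); unlink(tmp);
    unlink(ro_file); rmdir(rw); rmdir(ro);
    int code = WEXITSTATUS(status);
    return code == 100 ? -1 : code == 101 ? -2 : code;
}

int main(void)
{
    int r = landlock_probe();
    if (r == -1) { puts("Landlock unavailable on this kernel"); return 0; }
    printf("child access mask: %d (expected 3)\n", r);
    return r == 3 ? 0 : 1;
}
```

Two details matter for a jailer. Landlock only restricts what is listed in `handled_access_fs`, so a ruleset that handles a subset of rights silently leaves the rest unrestricted on every path; handling the full set the kernel supports, then granting back per directory, is the safe shape. And the restriction is inherited across `fork` and `execve` and cannot be lifted, which is exactly the property wanted for the VM process after the chroot and before dropping into the guest.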
