Landlock shines when an application has a predictable set of files or directories it needs. For example, a web server could restrict itself to accessing only /var/www/html and /tmp.

The author reminds Linux has security issues on most major distributions and each tools trying to improve the state of securit on Linux has drawbacks: Containerization, Flatpak, Firejail, seccomp, SELinux, AppArmor and Landlock.

Landlock fills a major gap: a simple, self-cotnained unprivileged sandboxing tool.

Read more on the landlock.io