From 5eead0ad5a6f516605b0db8e2b283e87728ae6cb Mon Sep 17 00:00:00 2001
From: Daniel Micay
Date: Tue, 7 Sep 2021 22:50:57 -0400
Subject: [PATCH] disable unprivileged userns for regular kernels

---
 local.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/local.conf b/local.conf
index b9a9000..728db4b 100644
--- a/local.conf
+++ b/local.conf
@@ -20,6 +20,8 @@ vm.mmap_rnd_compat_bits = 16
 
 kernel.kptr_restrict = 2
 
+kernel.unprivileged_userns_clone = 0
+
 kernel.unprivileged_bpf_disabled = 1
 
 net.core.bpf_jit_harden = 2
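Review bot: The added `kernel.unprivileged_userns_clone = 0` has no comment noting that this key is not an upstream sysctl. It exists only on kernels that carry the distribution patch, so on a kernel without it the line is not applied (reported as an error or skipped, depending on the loader) and unprivileged user namespaces stay enabled. I would put a comment above it, for example `# patched kernels only (not upstream); nearest upstream control is user.max_user_namespaces`, so the gap is visible to anyone reusing this file. It is also worth one line on the operational effect: software that builds its sandbox from unprivileged user namespaces (rootless containers, bubblewrap-style sandboxes without a setuid helper) stops working for non-root users once this is 0. After deployment, reading the value back with `sysctl kernel.unprivileged_userns_clone` confirms the key exists and the setting took effect.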