From: Antony Antony <[email protected]> Date: Thu, 27 Aug 2020 22:15:36 +0200
> If there is a way to set lockdown per net namespace it would be > better than /proc/sys/core/net/xfrm_redact_secret. Lockmode is a whole system attribute. As should any facility that restricts access to keying information stored inside of the kernel.
