Ubuntu's sandbox for unprivileged namespaces flops like a soggy cardboard box; one keen Twitter user blew wide open a glaring weakness. Billed as invincible, these post-exploitation defenses crumbled when a process shimmies into an unconfined AppArmor profile. Suddenly, infamous attack paths throw up a welcome sign.
