bubblewrap: bubblewrap (Unprivileged sandboxing tool)
bubblewrap: 
bubblewrap: There is an effort in the Linux kernel called user namespaces which
bubblewrap: attempts to allow unprivileged users to use container features. While
bubblewrap: significant progress has been made, there are still concerns about it,
bubblewrap: and it is not available to unprivileged users in several production
bubblewrap: distributions. Bubblewrap could be viewed as setuid implementation of
bubblewrap: a subset of user namespaces. Emphasis on subset - specifically
bubblewrap: relevant to the above CVE, bubblewrap does not allow control over
bubblewrap: iptables.
bubblewrap: