From: Antony Antony <antony.ant...@secunet.com> Date: Thu, 27 Aug 2020 22:15:36 +0200
> If there is a way to set lockdown per net namespace it would be > better than /proc/sys/core/net/xfrm_redact_secret. Lockmode is a whole system attribute. As should any facility that restricts access to keying information stored inside of the kernel.
