From 72c7ae3d1d5455fcf82f02dd5d897bb55609f2a8 Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Sat, 4 Apr 2020 15:54:55 +0000
Subject: [PATCH] Run apps in an IPC namespace

---
 usr/bin/sandbox-app-launcher | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr/bin/sandbox-app-launcher b/usr/bin/sandbox-app-launcher
index d8ece7f..f8150a7 100755
--- a/usr/bin/sandbox-app-launcher
+++ b/usr/bin/sandbox-app-launcher
@@ -74,7 +74,6 @@ setup() {
 
 run_program() {
   ## TODO: X11 sandbox - not needed if we switch to wayland
-  ## TODO: IPC namespace
   ## TODO: Network namespace - probably via ip netns
   ## TODO: Don't preserve the environment - env -i
 
@@ -143,6 +142,7 @@ run_program() {
   --unsetenv SUDO_COMMAND \
   --unsetenv OLDPWD \
   --unsetenv MAIL \
+  --unshare-ipc \
   --unshare-pid \
   --unshare-cgroup \
   --unshare-uts \