Sandbox I2P
_Originally created by @intrigeri on [#7724 (Redmine)](https://public-redmine-archive.tails.boum.org/code/issues/7724)_
We want to mitigate the impact of security vulnerabilities that I2P may
have. The goals would be:
- make privilege escalation from the `i2psvc` user harder
- make it harder to read identifiers of the local system, user, etc.
Most likely, we’ll want to use AppArmor to do so. Now, it may be hard to
confine a Java application in a useful way with AppArmor.
Feature Branch: kytv:feature/7724-sandbox-i2p
### Subtasks
- [ ] tails/tails#10572
- [x] tails/tails#10573
- [ ] tails/tails#10924
- [x] tails/tails#10925
### Related issues
- **Related to** tails/tails#5370
- **Related to** tails/tails#9949
- [x] **Blocked by** tails/tails#9229
- [x] **Blocked by** tails/tails#9830
- [ ] **Blocked by** tails/tails#12264
issue