Wow; secureblue looks neat (just voted for its inclusion). The only problem is, fighting the Kernel with Kernel-assisted virtualization (sandboxing with containers or jailing with namespaces, seccomp, ptrace, selinux etc) is a losing war (even if a few battles could be won here and there); but it feels like an amazing project for anyone with lightweight virt needs (as opposed to the approach in ChromeOS).
Re: Aeon: Doesn’t strike me as a particularly privacy/security project (like secureblue)?