Tree Sandbox – I created a new sandbox tool for Linux
1 point | 1 hour ago | 0 comments
I'd like to share my rootless sandbox. I've been having fun making some features which other Linux sandbox tools don't provide.

You’ve used Podman, Firejail, Flatpak, Bubblewrap, ... Tree Sandbox is another rootless Linux sandbox tool. Our tools aren't rivals — they complement each other.

https://github.com/garywill/treesandbox

After much work, I have released the first beta version.

This is a personal project with no security team, although I try my best to cover all security aspects.

The layered "containers tree" structure is one of my original designs, which I think is an enhanced security model. Tell me what you think about it.

TS is a single-file Python script. It talks to the Linux kernel directly through libc. No third-party Python library or third-party tool is needed during the container building process.

Details are in the GitHub README.
