Description
Unprivileged Linux sandboxes can be created from scripts and higher-level tools using Bubblewrap. It is useful for packagers, developers, and security-conscious users who need process isolation primitives.
This is a low-level sandboxing tool, not a complete security policy by itself. The protection depends on the namespaces, mounts, paths, and permissions chosen by the command or wrapper that uses it.