Description
Filesystem access can be sandboxed through a FUSE-based layer that presents a controlled view of files to processes.
This is security-sensitive filesystem tooling. Sandbox rules must be tested carefully, because mistakes can hide required files or expose paths that were meant to be isolated.