Description
Linux processes can run under sandbox restrictions that require no privileges to apply, enforced by the Landlock security module. This is useful for limiting what a command can access when testing tools or running less-trusted workloads.
Sandboxing reduces risk but does not make unknown software automatically safe. Define allowed paths carefully and test with disposable data first.
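A way to check that an allowed-path list behaves as intended before trusting it, written against the kernel's Landlock system calls. This is an added example, not code from the tool this page describes. The function names `restrict_to_readonly` and `read_denied_in_sandbox` and the choice of `/usr` as the only allowed tree are assumptions made for illustration, and it needs kernel headers that ship `linux/landlock.h` (Linux 5.13 or later).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <linux/landlock.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
/* Allow only read access beneath allowed_dir (hypothetical helper).
 * Rights listed as handled are denied unless a rule grants them.
 * Returns 0 on success, -1 if Landlock is unavailable or a step fails. */
static int restrict_to_readonly(const char *allowed_dir) {
    struct landlock_ruleset_attr rs = {
        .handled_access_fs = LANDLOCK_ACCESS_FS_EXECUTE | LANDLOCK_ACCESS_FS_WRITE_FILE |
                             LANDLOCK_ACCESS_FS_READ_FILE | LANDLOCK_ACCESS_FS_READ_DIR,
    };
    int ruleset = syscall(__NR_landlock_create_ruleset, &rs, sizeof(rs), 0);
    if (ruleset < 0) return -1; /* kernel without Landlock, or it is disabled */
    struct landlock_path_beneath_attr rule = {
        .allowed_access = LANDLOCK_ACCESS_FS_READ_FILE | LANDLOCK_ACCESS_FS_READ_DIR,
        .parent_fd = open(allowed_dir, O_PATH | O_CLOEXEC),
    };
    int ok = rule.parent_fd >= 0 &&
        syscall(__NR_landlock_add_rule, ruleset, LANDLOCK_RULE_PATH_BENEATH, &rule, 0) == 0 &&
        prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0 && /* needed without CAP_SYS_ADMIN */
        syscall(__NR_landlock_restrict_self, ruleset, 0) == 0;
    if (rule.parent_fd >= 0) close(rule.parent_fd);
    close(ruleset);
    return ok ? 0 : -1;
}

/* Sandbox a forked child and open path in it: 1 = denied, 0 = allowed, -1 = no sandbox. */
static int read_denied_in_sandbox(const char *allowed_dir, const char *path) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (restrict_to_readonly(allowed_dir) != 0) _exit(2);
        _exit(open(path, O_RDONLY) < 0 && errno == EACCES ? 1 : 0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 2 ? -1 : WEXITSTATUS(status);
}

int main(void) {
    /* Constructed check: /usr is the only allowed tree, / lies outside it. */
    printf("open /    : %d\n", read_denied_in_sandbox("/usr", "/"));
    printf("open /usr : %d\n", read_denied_in_sandbox("/usr", "/usr"));
    return 0;
}
```

A result of -1 means no restriction was applied, so a wrapper built on this should refuse to start the command rather than run it unconfined.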