FICHA · AUR

nsjail-git

A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)

  • sandboxing-tool
  • CLI
  • SECURITY
  • System
  • Launchable
  • Runs in terminal
official+codex · reviewed · Jun 2, 2026 description in en

Description

Processes can be isolated with Linux namespaces and seccomp-bpf syscall filters for sandboxing or controlled execution. This helps developers and security teams limit what a test program can see or do.

Sandbox configuration mistakes can still expose files, devices, or network access. Use it with reviewed policies and do not assume isolation is complete without testing the exact command and environment.

How to run

nsjail

Commands: nsjail

Permissions

Permissions not analysed for this source yet.