user-namespaces

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

StemJail: Dynamic Role Compartmentalization

Simple desktop application sandboxing tool for GNU\Linux

A pure-Go implementation of fakeroot using Linux user namespaces.

Very experimental docker authorization plugin, disabling some trivial ways of gaining root via docker

Experiments with unshare

Kernel patches for non-init user namespace on FUSE filesystem

Limit SFTP access to a remote (Linux) system

Runs commands in Linux containers with configurable levels of isolation.

Nesting containers with podman

Experiment with NFS mount in a user namespace

A nix shell running in a (thin) container

Dots