An experimental interactive security sandbox for Linux. Approve privileged actions before they run on any binary.
Warning
This is heavily a work in progress and not ready for production. Do not use it to run untrusted software.
See the related blog post for details.
Requires Linux v6.12 or higher.
- libbpf section names
- List of sleepable LSM hooks
- List of all LSM hook function signatures
- File with comments explaining what each LSM hook does