#

syscall-filtering

Here is 1 public repository matching this topic...

nmicic / compartment

Kernel-enforced sandboxing for untrusted processes. Two zero-dependency core tools, one shared profile format, plus an optional BPF-LSM module.

linux security namespace sandboxing process-isolation hardening ebpf seccomp linux-security-module privilege-separation defense-in-depth landlock bpf-lsm syscall-filtering

Updated May 20, 2026
Shell

Improve this page

Add a description, image, and links to the syscall-filtering topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the syscall-filtering topic, visit your repo's landing page and select "manage topics."