cms
cms copied to clipboard
Published
20 hours ago •
cms-dev
cms-dev
Explore the use of NsJail as a sandbox provider
NsJail (https://github.com/google/nsjail) is a cgroup- and namespace-based sandbox helper that resembles isolate a lot. We might want to play with it a bit to see how the two compare. It also comes with a nice syscall filtering library, Kafel (https://github.com/google/kafel).
