Current state of linux application sandboxing. Is it even as secure as Android ?

This page summarizes the projects mentioned and recommended in the original post on /r/linux
Miscellaneous Linux Emulator linux-containers Virtualization

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • ipfs-nix-guide

    IPFS × Nix Guide

    • I would consider Nix superior, just a gut feeling, especially when https://github.com/obsidiansystems/ipfs-nix-guide exists. The integration of P2P with opensource is perfect and I have never seen it elsewhere. Flatpak is limiting as I can't I use it to sandbox things not installed by it.

  • v86

    x86 PC emulator and x86-to-wasm JIT, running in the browser

    • Simply by enabling JavaScript you are running untrusted code inside the sandbox that is the JS engine of your browser. Things like http://copy.sh/v86/ can run Windows or Linux inside this sandbox. So, you are saying that you fully trust each snippet of JS that your browser downloads?

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • Conty

    Easy to use unprivileged Linux container packed into a single portable executable

    • I'd imagine the sandbox options are bubblewrap presets, though -- you'd probably want to look around conty-start.sh for more details or ask in the GitHub Discussion.

  • nixpak

    Runtime sandboxing for Nix

    • Are you aware of https://github.com/nixpak/nixpak

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts