disconnect3d/container jailboxes.md

Last active June 1, 2020 13:10

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/disconnect3d/97ce589649832b1f32babb2d18c3d1ea.js"></script>
Save disconnect3d/97ce589649832b1f32babb2d18c3d1ea to your computer and use it in GitHub Desktop.

Download ZIP

All your containers systems belong to us - a [not] curated list of jails, sandboxes, containers, etc systems.

Raw

container jailboxes.md

Linux

Containers/jails

docker
https://github.com/google/gvisor
https://github.com/google/nsjail
https://github.com/netblue30/firejail (e.g. compiler-explorer uses this)
https://podman.io/
systemd-nspawn
https://github.com/lxc/lxc
https://github.com/lxc/lxd (not sure what's relation between lxc and lxd, seems like those are "one tool" in the end = client vs deamon)
runc/binctr
https://github.com/containers/bubblewrap
sandstorm.io
https://github.com/sylabs/singularity
https://github.com/yandex/porto
sio2jail
https://github.com/google/sandboxed-api/tree/master/sandboxed_api/sandbox2
Chromium's minijail - https://www.chromium.org/chromium-os/chromiumos-design-docs/system-hardening

Virtualization:

Others:

https://github.com/VMwareFusion/nautilus
k8s
k3s

Windows

AppContainers - https://github.com/trailofbits/appjaillauncher-rs

MacOS

Apple sandbox (see also https://github.com/malus-security/sandblaster)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment