google/nsjail
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
[view on github]last commit: Mar 4, 2026
stars
3,749
7d
+14
30d
-
90d
-
## star history
## found in