google/nsjail
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
[view on github]last commit: May 8, 2026
stars
3,924
7d
+17
30d
+70
90d
+201
## star history
## found in