arapuca
Cross-platform process sandbox with kernel-enforced isolation
arapuca applies OS-level sandbox restrictions to processes using kernel security primitives. On Linux: Landlock LSM filesystem confinement, seccomp BPF syscall filtering, cgroup v2 resource limits, and network namespace isolation. Provides a C-compatible static library (libarapuca.a) with header and pkg-config file for embedding in C, Go, and other FFI-capable languages.
Releases Overview
| Release | Stable | Testing |
|---|---|---|
| Fedora Rawhide | 0.2.3-1.fc45 | - |
| Fedora 44 | 0.2.3-1.fc44 | 0.2.3-1.fc44 |
| Fedora 43 | 0.2.3-1.fc43 | - |
File a new bug report »
Package Info
Related Packages
Package Info
- Upstream: https://github.com/sergio-correia/arapuca
- License(s): Apache-2.0 AND MIT AND (Apache-2.0 OR BSD-3-Clause) AND (Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT) AND (MIT OR Apache-2.0 OR LGPL-2.1-or-later)
- Maintainer: scorreia
Related Packages
You can contact the maintainers of this package via email at
arapuca dash maintainers at fedoraproject dot org.
Sources on Pagure