sandboxfs: A virtual file system for sandboxing
sandboxfs is a FUSE file system that exposes a combination of multiple files and directories from the host's file system in the form of a virtual tree with an arbitrary layout. You can think of a sandbox as an arbitrary view into the host's file system with different access privileges per directory.
sandboxfs is designed to allow running commands with limited access to the file system by using the virtual tree as their new root, and to do so consistently across a variety of platforms.
sandboxfs is licensed under the Apache 2.0 license and is not an official Google product.
The latest version of sandboxfs is 0.2.0 and was released on 2020-04-20.
See the installation instructions for details on how to build and install sandboxfs.
See the release notes file for more details.
sandboxfs is fully documented in the
sandboxfs(1) manual page, which is
located in the
man/sandboxfs.1 file. You can view a
rendered version of this manual page using the following command after
cloning the tree:
If you'd like to contribute to sandboxfs, there is plenty of work to be done! Please make sure to read our contribution guidelines to learn about some important prerequisite steps.