Show HN: Z-Jail – A 130 KB Linux sandbox-C99 with 7 defense layers and zero deps

Software Development, Operating System, Security(github.com)view on HackerNews
Linuxsandboxnamespacesseccomp-bpfcapability droppingverdict enginesecurityauditable code execution

Author: Zierax

Date: 7/1/2026

Article Summary:
A lightweight, multi-layer Linux sandbox combining namespaces, pivot_root, seccomp-bpf, capability dropping, and an evidence-based verdict engine for secure, auditable code execution.