compartment
Confine services in a limited environment
Install
- All systems
-
curl cmd.cat/compartment.sh
- Debian
-
apt-get install compartment - Ubuntu
-
apt-get install compartment - Kali Linux
-
apt-get install compartment - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install compartment - Raspbian
-
apt-get install compartment - Dockerfile
- dockerfile.run/compartment
compartment
Confine services in a limited environment
Compartment was designed to allow safe execution of privileged and/or untrusted executables and services. It can execute a process: - Setting specific Linux capabilities - Chrooting it to a certain location - setting the user or group it will run with - running a program before it is executed These features can be used to minimize the risk of a trojanized or vulnerable program/service.