compartment
Confine services in a limited environment
Install
- All systems
-
curl cmd.cat/compartment.sh
- Debian
-
apt-get install compartment
- Ubuntu
-
apt-get install compartment
- Kali Linux
-
apt-get install compartment
- Windows (WSL2)
-
sudo apt-get update
sudo apt-get install compartment
- Raspbian
-
apt-get install compartment
- Dockerfile
- dockerfile.run/compartment
compartment
Confine services in a limited environment
Compartment was designed to allow safe execution of privileged and/or untrusted executables and services. It can execute a process: - Setting specific Linux capabilities - Chrooting it to a certain location - setting the user or group it will run with - running a program before it is executed These features can be used to minimize the risk of a trojanized or vulnerable program/service.