https://www.pistack.xyz/tags/landlock/ Recent content in Landlock on Pi Stack Hugo en-us Sun, 24 May 2026 00:00:00 +0000 https://www.pistack.xyz/posts/2026-05-24-self-hosted-linux-sandboxing-frameworks-landlock-seccomp-bubblewrap-guide/ Sun, 24 May 2026 00:00:00 +0000 https://www.pistack.xyz/posts/2026-05-24-self-hosted-linux-sandboxing-frameworks-landlock-seccomp-bubblewrap-guide/ <p>Linux sandboxing frameworks provide essential isolation layers for running untrusted workloads on self-hosted servers. This guide compares three major approaches: <strong>Landlock</strong> (the kernel LSM for filesystem sandboxing), <strong>Seccomp-BPF</strong> (system call filtering), and <strong>Bubblewrap</strong> (user-space sandboxing). Each offers different trade-offs between security guarantees, ease of configuration, and performance overhead.</p>