gitmyhub

bubblewrap

C ★ 7.7k updated 18d ago

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

Bubblewrap is a Linux command-line tool that lets regular users run programs in an isolated sandbox without root access, using Linux kernel user namespaces (plus an optional seccomp filter) to restrict which files, network interfaces and system calls a process can use.

C · Meson · Linux · seccomp · setup: moderate · complexity 4/5

Bubblewrap is a low-level Linux tool that lets a regular user run a program inside an isolated environment without administrator access. Most container tools need root or a setuid helper to set up namespaces and mounts, which makes them a poor fit for ordinary users: a bug in that privileged path can be turned into full control of the host. Bubblewrap instead relies on Linux user namespaces, a kernel feature that lets an unprivileged process create a fresh set of namespaces in which it sees a restricted view of the system. Where a distribution disables unprivileged user namespaces, bubblewrap can also be installed setuid root; in that mode its job is only to set up the namespaces and mounts and then drop all privileges before the sandboxed command runs, so the privileged code path stays small.

The tool is primarily used as a building block by other software rather than directly by end users. Flatpak, the application sandboxing system used on many Linux desktops, uses bubblewrap internally to isolate the apps it runs. Other container-related tools in the same ecosystem also rely on it.

When you run a program through bubblewrap, it starts in a new mount namespace whose root is an empty tmpfs; nothing from the host is visible until you expose it, and mounts made inside the sandbox are not visible to the host. Command-line arguments then specify exactly which parts of the real filesystem the sandboxed program may see, whether each of them is bind-mounted read-only or writable, and which other namespaces to unshare, for example a private network namespace (no network access) or a private PID namespace (other processes on the host are not visible). You can also supply a seccomp filter, passed to bwrap as an already-compiled BPF program on a file descriptor, to restrict which system calls the sandboxed process is permitted to make.

Bubblewrap does not come with a security policy of its own. The security of any sandbox built on top of it depends entirely on the arguments passed when launching it, and the defaults are permissive: a process started with only bind mounts and no --unshare options still shares the host's network, PID namespace and environment. The README includes a section on limitations, noting specific cases where a poorly constructed sandbox can still affect the host, such as handing the sandbox a D-Bus session socket through which it can ask services outside the sandbox to act on its behalf, or leaving out a seccomp filter so that system calls and ioctls that reach outside the sandbox remain available (the TIOCSTI terminal-injection ioctl is the classic case, which is why --new-session exists).
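The following POSIX shell script is an added example, not code from the bubblewrap project, showing the kind of explicit allow-list described above together with the omissions the limitations section warns about. Every flag is a real bwrap option; the set of paths exposed, the /work mount point, the merged-/usr host layout (with /bin, /sbin, /lib and /lib64 as symlinks into /usr) and the function names are choices made for this example. It deliberately binds in no home directory, no /run and no D-Bus or display socket, clears the environment, unshares every namespace and sets --new-session; what it does not do is load a seccomp filter, because bwrap expects one as a compiled BPF program on a file descriptor (--seccomp FD), so that step still has to be added by the caller.

```shell
#!/bin/sh
# Added example (not from the bubblewrap project): launch a command under
# bwrap with an explicit allow-list of mounts, no network, a private PID
# namespace and a scrubbed environment. Assumptions: merged-/usr layout on
# the host, and the host scratch directory given as $1 is exposed as /work.

# Print one bwrap argument per line, followed by the command to run.
# Grouped by purpose:
#   filesystem: read-only /usr plus the usual symlinks, fresh /proc and
#               /dev, private /tmp, one writable scratch dir at /work
#   isolation:  --unshare-all (user, ipc, pid, net, uts, cgroup),
#               --die-with-parent, --new-session (blocks TIOCSTI)
#   environment: drop everything, set a minimal PATH and HOME
sandbox_args() {
    scratch="$1"; shift
    printf '%s\n' \
        --ro-bind /usr /usr \
        --symlink usr/bin /bin \
        --symlink usr/sbin /sbin \
        --symlink usr/lib /lib \
        --symlink usr/lib64 /lib64 \
        --proc /proc \
        --dev /dev \
        --tmpfs /tmp \
        --bind "$scratch" /work \
        --chdir /work \
        --unshare-all \
        --die-with-parent \
        --new-session \
        --clearenv \
        --setenv PATH /usr/bin:/usr/sbin \
        --setenv HOME /work \
        -- "$@"
}

# Rebuild the printed list as "$@" (one argument per line, so arguments
# containing newlines are not supported) and replace this shell with bwrap.
run_sandboxed() {
    scratch="$1"; shift
    argv=$(sandbox_args "$scratch" "$@")
    set --
    while IFS= read -r arg; do
        set -- "$@" "$arg"
    done <<EOF
$argv
EOF
    exec bwrap "$@"
}

# Usage: sh sandbox.sh /path/to/scratch sh -c 'id; ls /; ls /proc'
# Nothing runs when the script is invoked without arguments.
if [ "$#" -gt 0 ]; then
    run_sandboxed "$@"
fi
```

Inside the sandbox, `id` reports the caller's own uid and gid (the user namespace maps only that identity), `ls /` shows just the mount points listed above, and `ls /proc` shows only the sandboxed process tree. Anything else the program needs, such as a certificate bundle or a specific data file, should be added as another --ro-bind rather than by widening one of the existing mounts.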

The tool is available through the package repositories of most Linux distributions and can also be built from source using the Meson build system.

Where it fits