Sandboxing a process
This is the library Google uses to sandbox Chrome's processes. It achieves this as follows:
[…] an executable can be launched, load libraries and open files and get chroot()-ed to an empty directory when it wants to drop filesystem access.
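The load-first, then-chroot() sequence described above, as an added C example that is not code from the sandbox library the page describes: a file is opened before access is dropped, the process then chroot()s into an empty directory (the jail path /tmp/jail is a constructed value; the call needs CAP_SYS_CHROOT, i.e. root), and finally it checks that the earlier descriptor still works while new path lookups fail.

```c
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* A chroot into a non-empty directory still exposes whatever it contains,
 * so refuse anything but an empty jail. Returns 1 if empty, 0 if not,
 * -1 (errno set) if the directory cannot be read. */
int dir_is_empty(const char *path) {
    DIR *d = opendir(path);
    if (!d) return -1;
    int empty = 1;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        if (strcmp(e->d_name, ".") && strcmp(e->d_name, "..")) { empty = 0; break; }
    }
    closedir(d);
    return empty;
}

/* Drop filesystem access: chroot() into the empty jail and chdir("/") so no
 * path outside it is reachable. Descriptors opened beforehand stay valid.
 * Needs CAP_SYS_CHROOT. Returns 0 on success, -1 with errno set otherwise. */
int drop_fs_access(const char *jail) {
    if (dir_is_empty(jail) != 1) { errno = ENOTEMPTY; return -1; }
    if (chroot(jail) < 0) return -1;
    if (chdir("/") < 0) return -1;  /* chroot() does not move the cwd; do it explicitly */
    return 0;
}

/* After dropping access, a path that was reachable before must now fail to
 * open, while a descriptor opened earlier must still be readable. */
int verify_confinement(int preopened_fd, const char *outside_path) {
    char buf[16];
    int fd = open(outside_path, O_RDONLY);
    if (fd >= 0) { close(fd); return 0; }  /* still reachable: not confined */
    return pread(preopened_fd, buf, sizeof buf, 0) >= 0;
}

int main(void) {
    int fd = open("/etc/passwd", O_RDONLY);  /* opened before access is dropped */
    if (mkdir("/tmp/jail", 0700) < 0 && errno != EEXIST) { perror("mkdir"); return 1; }
    if (drop_fs_access("/tmp/jail") < 0) { perror("drop_fs_access"); return 1; }
    printf("confined: %d\n", verify_confinement(fd, "/etc/passwd"));
    return 0;
}
```

Run as root; an unprivileged run reports EPERM from chroot(), which is the kernel enforcing that only a privileged process may change its root.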