Landlock-Sharp
A lightweight C# wrapper for the Linux Landlock kernel sandboxing feature — restrict your own process's filesystem and network access without root privileges.
What is Landlock-Sharp?
Landlock-Sharp is a C# binding for Landlock, the Linux kernel security feature (available since Linux 5.13) that lets unprivileged applications restrict their own filesystem and network access using an allow-list model. Once a ruleset is enforced, the process — and any child processes — can only access explicitly permitted resources, providing simple but effective sandboxing without root privileges or system-wide configuration.
This library wraps the three Landlock syscalls (landlock_create_ruleset, landlock_add_rule, landlock_restrict_self) in an idiomatic C# API, automatically negotiates the kernel ABI version, and exposes the full feature surface defined in the upstream landlock(7) man page.
A first taste
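```csharp
using Sandbox;

// Landlock is only available on supported Linux kernels; skip sandboxing elsewhere.
if (Landlock.IsSupported())
{
    // Create a ruleset that handles the CORE set of filesystem access rights.
    var sandbox = Landlock.CreateRuleset(Landlock.FileSystem.CORE);

    // Allow read-only access beneath the application's data directory.
    sandbox.AddPathBeneathRule(
        "/var/lib/myapp/data",
        Landlock.FileSystem.READ_FILE,
        Landlock.FileSystem.READ_DIR);

    // Apply the ruleset. This cannot be undone.
    sandbox.Enforce();
}
```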
After Enforce() returns, the current thread (and every thread/process it spawns) is denied every filesystem access except read-only access under /var/lib/myapp/data. The restriction is irrevocable — there is no way to widen the sandbox once it has been applied.
Why Landlock-Sharp?
Defense-in-depth, no root needed
Drop privileges from inside your own process. No setuid binary, no capabilities, no system-wide policy to manage. See the Landlock kernel doc for the security model.
Allow-list semantics
Everything is denied by default. You name the directories, ports, and IPC scopes you want — anything you don't name is blocked. Inspired by the upstream allow-list model.
ABI auto-negotiation
The library asks the kernel for its supported Landlock ABI version and silently downgrades rules that aren't yet available — your code keeps running on older kernels.
Tiny surface, full feature set
One Landlock class. Four public methods. Yet it exposes filesystem rules, TCP port rules, and IPC scopes — the full set documented in landlock(7).
Requirements
| Requirement | Minimum | Notes |
|---|---|---|
| Linux kernel | 5.13 (ABI 1) | Newer features need newer kernels — see the ABI table. |
| Architecture | x86-64 | The library uses raw syscall(2) with x86-64 syscall numbers. |
| .NET | .NET 6.0+ | Uses OperatingSystem.IsLinux() and modern P/Invoke. |
| Privileges | None | Landlock is explicitly designed for unprivileged processes. |
Landlock is a no-op on non-Linux platforms. Landlock.IsSupported() returns false everywhere except a Linux x86-64 kernel with Landlock enabled in the build (CONFIG_SECURITY_LANDLOCK=y and the landlock,... boot parameter on some distributions). For details on enabling Landlock on your distribution, see the kernel documentation.
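Because unavailable rules are downgraded silently, a policy that depends on a newer right can end up weaker than intended on an older kernel. The following added example (not Landlock-Sharp source; the class name `LandlockAbiProbe` and its methods are hypothetical) probes the kernel ABI directly, using the x86-64 syscall number and access-right bit layout from the kernel UAPI, and fails closed when a wanted filesystem right cannot be enforced:

```csharp
using System;
using System.Runtime.InteropServices;

// Added example, not part of Landlock-Sharp. Names here are hypothetical.
static class LandlockAbiProbe
{
    // x86-64 syscall number and flag, from the kernel UAPI (see landlock(7)).
    const long SYS_landlock_create_ruleset = 444;
    const uint LANDLOCK_CREATE_RULESET_VERSION = 1u << 0;

    [DllImport("libc", SetLastError = true)]
    static extern long syscall(long number, IntPtr attr, nuint size, uint flags);

    // Returns the Landlock ABI version (>= 1), or 0 when Landlock is unavailable
    // (ENOSYS: not built into the kernel; EOPNOTSUPP: built in but disabled at boot).
    public static int GetAbiVersion()
    {
        if (!OperatingSystem.IsLinux() ||
            RuntimeInformation.ProcessArchitecture != Architecture.X64)
            return 0;
        long abi = syscall(SYS_landlock_create_ruleset, IntPtr.Zero, 0,
                           LANDLOCK_CREATE_RULESET_VERSION);
        return abi < 0 ? 0 : (int)abi;
    }

    // Filesystem access bits grouped by the ABI that introduced them:
    // ABI 1 = bits 0-12 (EXECUTE .. MAKE_SYM), ABI 2 adds REFER (bit 13),
    // ABI 3 adds TRUNCATE (bit 14), ABI 5 adds IOCTL_DEV (bit 15).
    public static ulong EnforceableFsRights(int abi)
    {
        if (abi < 1) return 0;
        ulong mask = (1UL << 13) - 1;
        if (abi >= 2) mask |= 1UL << 13;
        if (abi >= 3) mask |= 1UL << 14;
        if (abi >= 5) mask |= 1UL << 15;
        return mask;
    }

    static int Main()
    {
        int abi = GetAbiVersion();
        ulong wanted = (1UL << 16) - 1;   // every filesystem right up to ABI 5
        ulong dropped = wanted & ~EnforceableFsRights(abi);
        Console.WriteLine($"Landlock ABI {abi}; unenforceable rights: 0x{dropped:X}");
        // Fail closed when the policy needs a right this kernel cannot enforce.
        return dropped == 0 ? 0 : 1;
    }
}
```

Narrow `wanted` to the rights your policy actually relies on; a kernel at ABI 1 reports `0xE000` here because REFER, TRUNCATE and IOCTL_DEV are not available.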
Learn more about Landlock itself
Most concepts in this library map 1:1 to the upstream Landlock kernel ABI. The official references below are the canonical source of truth — this site documents the C# binding on top of them.
- landlock.io — the official Landlock project site, run by Mickaël Salaün, the kernel feature's author.
- landlock(7) man page — full description of the kernel API, including the ABI version table.
- Linux kernel — Landlock documentation — overview, sandbox guarantees, and code samples.
- landlock-lsm on GitHub — the upstream organisation hosting reference implementations (C, Go, Rust) and the kernel test suite.
- Linux kernel source — security/landlock/ — the LSM implementation itself.