Firejail – Securely Run Untrusted Applications in Linux
Sometimes you may want to use applications that have not been well tested in different environments, yet you must use them. In such cases, it is normal to be concerned about the security of your system. One thing that can be done in Linux is to use applications in a sandbox. “Sandboxing” is the ability to run application in a limited environment. That way the application is provided a tighten amount of resources, needed to run.
Thanks to an application called Firejail, you can safely run untrusted applications in Linux.
Firejail is a SUID (Set Owner User ID) application that decrease the exposure of security breaches by limiting the running environment of untrusted programs using Linux namespaces and seccomp-bpf.
It makes a process and all its descendants to have their own secret view of the globally shared kernel resources, such as the network stack, process table, mount table.
Read more at Tecmint