[amarshall]

Linux also has Landlock now.

macOS sandboxing is notoriously under-documented, has sharp edges, and is nowhere near as expressive as Linux sandboxing.

[anonzzzies]

To save a search; https://docs.kernel.org/userspace-api/landlock.html

[woodruffw]

Thanks! Landlock is the one I couldn't remember.

Agreed about macOS's sandboxing being under-documented.