jailer: Jailer is an eBPF-based process jailing system that provides mandatory access control (MAC) for Linux. It tracks processes using BPF task_storage maps and enforces role-based policies
3mon 14d ago by infosec.pub/u/digicat in blueteamsec@infosec.pub from github.com
Damn. This is cool af. I've seen so ,any interesting things with epbf, like bpfilter, facebook's ebpf firewall which they discussed being more performant.
I wonder if an epbf alternative to selinux is possible?