libiris is a (work in progress) cross-platform sandboxing library. This project is not a production-ready sandbox; instead, it aims to be a good development harness for codebases that need modifications for sandboxing.
Sandboxing means reducing your program's ambient authority (what it can legitimately do) and the attack surface exposed to it (the amount of code it can trigger bugs in to escape the sandbox). This requires understanding the internals of each OS your program supports and splitting your program into multiple processes (for reasons detailed in the docs). This takes time and effort and has no user-visible added value. This project aims to reduce entry costs so that more developers try to sandbox their projects, and to document common solutions so that developers without a security background are incentivized to reuse them instead of starting from scratch.