Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

macOS What is the macOS equivalent of namespaces on Linux?

I don't think there's a macOS direct equivalent.

Can you describe the specific problem you're trying to solve using namespaces? Or were you just interested in where various tidbits of information resided?

Although I'm not aware of a macOS direct equivalent, there are various places where some information resides. For example, the mount-table and the sysctl() function provide access to certain information that's available in Linux namespaces.
 
chown33 said:
I don't think there's a macOS direct equivalent.

Can you describe the specific problem you're trying to solve using namespaces? Or were you just interested in where various tidbits of information resided?

Although I'm not aware of a macOS direct equivalent, there are various places where some information resides. For example, the mount-table and the sysctl() function provide access to certain information that's available in Linux namespaces.
Click to expand...
I'm looking to be able to create a sandboxed environment so any executables in the sandbox can't access code and/or information outside of the sandbox. I want to use it as a security feature where code from one executable can only run other executable code by sending a message between the two sandboxed environments.
 
I searched for keywords: macos sandbox environment

This was a top hit:
developer.apple.com

App Sandbox | Apple Developer Documentation

Restrict access to system resources and user data in macOS apps to contain damage if an app becomes compromised.
developer.apple.com developer.apple.com

There are probably more related docs.


Here's an article that was farther down the list:

A long evening with iOS and macOS Sandbox

Hi there! It’s GeoSn0w. The macOS Sandbox has always been a mysterious thing that I liked to poke at with various tools and with the knowledge I have gathered from reference books such as Jonathan Levin’s *OS Internals, and Apple’s own not-so-detailed documentation. Of course, it’s nothing new...
geosn0w.github.io

It's from 2018, but it seems well-written.


A virtualized environment like Parallels might be made to work. A typical VM presents only an artificial set of resources to its hosted code. One could put as many layers as one wished between the foundational VM and the desired "sandboxed environment", including running a Linux distro under the VM, then using actual Linux namespaces.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back