dEEpEst
Linux Namespaces: Isolating Processes
Welcome to the world of digital security, Hack Tools Dark Community!
Today, let's explore how Linux creates isolated "sandboxes" for processes using namespaces.
Disclaimer:
This post is for educational purposes only. Use the information responsibly and only in environments where you have permission to perform such actions.
Join the discussion below! Share your experiences with namespaces or ask questions!

- PID Namespace - Your Own Process Tree:
  Isolate processes so they only see each other without accessing host processes.
  Bash:
      # New PID namespace; --fork runs the shell as a child, --mount-proc mounts a fresh /proc for it
      sudo unshare --pid --fork --mount-proc /bin/bash
  Inside the new shell, use:
  Bash:
      ps aux
  As a result, you will only see the processes launched within this namespace.
- NET Namespace - Separate Network for Each Container:
  Create a separate network stack with unique interfaces and IP addresses.
  Bash:
      # Create a named network namespace, then start a shell inside it
      sudo ip netns add mynetns
      sudo ip netns exec mynetns bash
      # Run inside that shell: list the interfaces this namespace can see
      ip link show
  Inside the namespace, only the local interface will be available initially, offering complete network isolation.
- MNT Namespace - Isolate File Systems:
  Provide each process with its own mount points. This allows working with different filesystems without affecting the host.
  Bash:
      # Start a shell in a new mount namespace
      sudo unshare --mount /bin/bash
      # Run inside that shell: mount a tmpfs and confirm it is listed
      mount -t tmpfs tmpfs /mnt
      mount | grep /mnt
  The newly created mount point will be visible only inside the namespace, hidden from the host system.

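One way to check that the isolation set up by the commands above actually took effect, as an added example that is not part of the original post: compare the namespace identifiers the kernel exposes under /proc/<pid>/ns. The function names and the sample identifiers are constructed for illustration; the sample models a shell started with the PID command above, where `--mount-proc` also implies a new mount namespace.

```bash
#!/usr/bin/env bash
# Added example: report which namespaces differ between two processes.
# Each /proc/<pid>/ns/<type> is a symlink whose target looks like
# "pid:[4026531836]"; two processes share a namespace exactly when the
# identifiers are equal.

# Print "type id" lines for one process, e.g. "pid 4026531836".
ns_snapshot() {
    local pid="$1" link target
    for link in /proc/"$pid"/ns/*; do
        # Fails for a missing pid or without permission to inspect it
        target=$(readlink "$link" 2>/dev/null) || continue
        target=${target#*:\[}            # drop the "type:[" prefix
        printf '%s %s\n' "${link##*/}" "${target%\]}"
    done
}

# Compare two snapshots (multi-line strings): one verdict per namespace type.
ns_compare() {
    local a="$1" b="$2" type id other
    while read -r type id; do
        [ -n "$type" ] || continue
        other=$(printf '%s\n' "$b" | awk -v t="$type" '$1 == t { print $2 }')
        if [ -z "$other" ]; then
            echo "$type unknown"
        elif [ "$id" = "$other" ]; then
            echo "$type shared"
        else
            echo "$type isolated"
        fi
    done <<EOF
$a
EOF
}

# Constructed sample values (not taken from a real host).
HOST_SAMPLE='mnt 4026531841
net 4026531840
pid 4026531836'
# Models: sudo unshare --pid --fork --mount-proc /bin/bash
BOX_SAMPLE='mnt 4026532500
net 4026531840
pid 4026532501'

# Live use: ns_compare "$(ns_snapshot 1)" "$(ns_snapshot "$target_pid")"
ns_compare "$HOST_SAMPLE" "$BOX_SAMPLE"
```

A `net shared` verdict for the sandboxed shell means it still uses the host network stack, so PID isolation alone does not separate its network access.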
