Run untrusted POSIX applications, safely, in one process

Lind executes untrusted POSIX applications as isolated cages inside a single unprivileged host process — no kernel modifications, no elevated privileges — while keeping the isolation mechanism pluggable and the system-call policy layer uniform.

WebAssembly / Intel MPK / Kernel backends One mediation layer: 3i
Explore lind-wasm ↗ View on GitHub
$ recompile · sandbox · run — most C/POSIX programs, unchanged
PLUGGABLE ISOLATION BACKEND · CONFINES CAGES & GRATES WebAssembly / Wasmtime ✓ · Intel MPK (planned) · Kernel (planned) Cage 1 NGINX Cage 2 PostgreSQL Cage 3 Python Grate user-space policy handler system calls mediation 3i — Intercage Interposition Interface uniform system-call mediation, routing & policy RawPOSIX minimal trusted POSIX runtime
Why Lind

Isolation and policy, finally decoupled

Sandboxes usually entangle two concerns: how an application is confined, and how its system calls are mediated. Lind separates them cleanly — so isolation technology can evolve without rewriting policy, and policy can be composed without touching the isolation substrate.

📦

Cages

Each application runs as an isolated execution context with its own memory, control flow, and POSIX-like semantics — all inside one unprivileged host process.

🔀

3i

The Intercage Interposition Interface routes every system call, delegating each to the trusted runtime or to user-space policy handlers. Programmable, uniform across backends.

🛡️

Grates

User-space policy handlers that interpose on system calls — filter, transform, or service them entirely in user space, composable per workload.

⚙️

RawPOSIX

A minimal trusted POSIX runtime that services the calls the policy layer chooses to pass through — keeping the trusted computing base small.

🔌

Pluggable isolation backends

The isolation substrate is deliberately swappable. WebAssembly software fault isolation (via Wasmtime) is the first fully realized backend; hardware-assisted mechanisms such as Intel MPK and kernel backends are targeted next — each offering different performance and trust trade-offs, under the same mediation layer.

🧩

POSIX compatibility preserved

Most C/POSIX programs — and increasingly Rust programs — can be recompiled and sandboxed without source-level changes. A full LAMP stack (NGINX, PostgreSQL, Python) already runs as cages today.

Projects

One framework, growing family of backends

lind-wasm is the mature, fully realized backend today — with end-to-end tests, benchmarks, dev containers, and public documentation.

Ongoing work
MPK backend Kernel backend with 3i Library decomposition Run Lind as a shared library
Roadmap

Validating the separation, then hardening it

The roadmap advances along two axes — new isolation backends, and deeper grate-based mediation — with project maturity (governance, releases, audits) developing alongside.

M0 current
WASM backend fully realized. Full LAMP stack runs as cages; parts run under grates. End-to-end tests, benchmarks, dev containers, docs. Backend interface being extracted.
M1 0–6 mo
First MPK and kernel backend prototypes run the core process model (cages, fork/exec/exit, multi-cage) through 3i. Grate mediation extends to the full LAMP stack; first tagged release.
M2 6–12 mo
Backend parity. MPK and kernel backends reach parity with WASM — including grate calls — so the LAMP stack runs across all three. Lind embeddable as a library.
M3 12–18 mo
Stabilize & audit. Versioned backend, 3i, and grate interfaces; independent security audit; cross-backend performance optimization; supply-chain hardening.
M4 18–24 mo
Production deployment at an external organization — real workloads with grate-based policy, across backends, with competitive performance.
Community

Built in the open, together

Lind is developed openly by a community of researchers and contributors. Join the conversation, come to a meeting, or open your first pull request.

📅

Monthly community meeting

We meet once a month to discuss roadmap progress, design questions, and contributions. Everyone is welcome — add it to your calendar.

Add to Google Calendar
💬

Chat on Slack

Questions, ideas, or just curious? Find us in the #lind channel of the Secure Systems Lab Slack.

Join us on Slack
🐙

Contribute on GitHub

Issues, discussions, and pull requests all happen in the open. Contributing guides and good first issues live in the repos.

Explore the repo

Start with the realized backend

lind-wasm is ready to explore today — documentation, dev containers, and a test suite to get you from clone to running cages.