This is a lightweight, secure Linux sandbox tool implemented based on the Landlock module that comes with the Linux kernel. It allows users to run any command in a secure manner without root privileges or containers, and supports flexible control over file read/write and network access permissions.