IPC scopes
Scopes are Landlock's IPC isolation primitive. Unlike filesystem and network rules, scopes are all-or-nothing — there is no per-resource rule to grant exemptions. A scope flag, when handled by a ruleset, isolates the sandboxed process from a specific kind of cross-domain IPC entirely.
Scopes require Landlock ABI 6 (Linux kernel 6.12+). See the "Scope flags" section of landlock(7) for the kernel-side definition.
What scopes can isolate
Two scope flags exist today:
| C# value | Kernel constant | What it isolates |
|---|---|---|
| Landlock.Scope.ABSTRACT_UNIX_SOCKET | LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET | Connections into abstract Unix sockets (the \0-prefixed, Linux-specific kind) from outside the Landlock domain are blocked. Filesystem-backed Unix sockets are unaffected. |
| Landlock.Scope.SIGNAL | LANDLOCK_SCOPE_SIGNAL | Signals sent into the domain by processes outside it are blocked. The sandboxed process can still signal its own children. |
Both scopes are about who can talk to the sandbox from outside, not who the sandbox can talk to. The intent is to stop a sandboxed plugin or worker from being co-opted by a peer process on the same host.
For the exact kernel semantics see landlock(7) — "Scope flags".
Enabling scopes
Scopes go through the third parameter of the full CreateRuleset overload:
```csharp
var sandbox = Landlock.CreateRuleset(
    fileSystem: new[] { Landlock.FileSystem.CORE },
    network: null,
    scope: new[]
    {
        Landlock.Scope.ABSTRACT_UNIX_SOCKET,
        Landlock.Scope.SIGNAL,
    });

sandbox
    .AddPathBeneathRule("/var/lib/myapp", Landlock.FileSystem.READ_FILE, Landlock.FileSystem.READ_DIR)
    .Enforce();
```
There are no per-scope rules to add — listing the scope in the ruleset is the entire configuration.
When scopes are useful
- Plugin sandboxes. Stop a sandboxed plugin from binding to an abstract Unix socket that some other process on the host might unexpectedly connect to.
- Multi-tenant workers. Prevent an attacker in a neighbouring container (sharing the host's abstract Unix socket namespace) from signalling the sandboxed worker.
- Defense in depth. Combine with filesystem rules so a compromised sandboxed process can neither reach the filesystem nor be reached by other processes on the host.
The landlock-sample repo contains C-language examples of the same pattern.
Falling back on older kernels
On a kernel older than 6.12, Landlock.Scope.* flags are silently filtered out — see ABI versions. Add an explicit check if your security model relies on scope isolation:
```csharp
if (Landlock.GetAbiVersion() < 6)
    throw new PlatformNotSupportedException(
        "This service requires Landlock ABI ≥ 6 (Linux 6.12+) for IPC scopes.");
```
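As an added example, not code from this page or from the wrapper library, here is the kernel-level equivalent in C of the ruleset above plus the ABI check: it probes the ABI with landlock_create_ruleset, places the two scope flags in the scoped field of the ruleset attribute, and refuses to continue below ABI 6 rather than dropping the scopes silently. The constants and struct are mirrored locally from uapi/linux/landlock.h so it compiles against older headers; the ll_* names and helper functions are this example's own, and it stops before landlock_restrict_self.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>
long syscall(long, ...); /* glibc prototype, in case unistd.h hid it */
/* Constants mirrored from uapi/linux/landlock.h (ABI 6) so this compiles on
 * older headers; 444 is the arch-independent landlock_create_ruleset number. */
#ifndef __NR_landlock_create_ruleset
#define __NR_landlock_create_ruleset 444
#endif
#define LL_CREATE_RULESET_VERSION (1U << 0)
#define LL_SCOPE_ABSTRACT_UNIX_SOCKET (1ULL << 0)
#define LL_SCOPE_SIGNAL (1ULL << 1)

/* Same layout as struct landlock_ruleset_attr, including the ABI 6 field. */
struct ll_ruleset_attr {
    uint64_t handled_access_fs;
    uint64_t handled_access_net;
    uint64_t scoped; /* LL_SCOPE_* bits: what the wrapper's third parameter sets */
};

/* Highest Landlock ABI the running kernel supports, or -1 if Landlock is absent. */
int landlock_abi_version(void) {
    long v = syscall(__NR_landlock_create_ruleset, NULL, 0, LL_CREATE_RULESET_VERSION);
    return v < 0 ? -1 : (int)v;
}

/* Scope flags a kernel of this ABI can honour: none before ABI 6. */
uint64_t scope_flags_for_abi(int abi, uint64_t requested) {
    return abi >= 6 ? requested : 0;
}

/* Fill the attribute for this ABI. Returns 1 if every requested scope is kept,
 * 0 if the kernel is too old and the scopes would otherwise be silently dropped. */
int build_ruleset_attr(int abi, uint64_t fs, uint64_t scopes, struct ll_ruleset_attr *out) {
    out->handled_access_fs = fs;
    out->handled_access_net = 0;
    out->scoped = scope_flags_for_abi(abi, scopes);
    return out->scoped == scopes;
}
int main(void) {
    struct ll_ruleset_attr attr;
    int abi = landlock_abi_version();
    if (!build_ruleset_attr(abi, 0, LL_SCOPE_ABSTRACT_UNIX_SOCKET | LL_SCOPE_SIGNAL, &attr)) {
        fprintf(stderr, "Landlock ABI %d: IPC scopes need ABI >= 6 (Linux 6.12+)\n", abi);
        return 1; /* refuse to run unscoped, the same decision as the C# check above */
    }
    printf("ABI %d: ruleset would carry scoped=0x%llx\n", abi, (unsigned long long)attr.scoped);
    return 0;
}
```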
Cross-reference
- landlock(7) — Scope flags
- Kernel docs — Landlock scoping
- Landlock ABI 6 announcement — kernel 6.12 release notes.