DtxdF
Developer
The principle of least privilege can be defined as “A security principle that a system should restrict the access privileges of users (or processes acting on behalf of users) to the minimum necessary to accomplish assigned tasks.”, and in the context of FreeBSD jails, this is where it really shines. We provide access only to the devices that a jail needs to work properly, isolate processes, isolate the network stack, restrict access to mount points, and much more using FreeBSD jails; however, it's still necessary to isolate the network traffic that a jail can access.
Link: https://github.com/DtxdF/AppJail/wiki/filter
Link: https://github.com/DtxdF/AppJail/wiki/filter