App::Hako - keep apps away from your home
hako <fake-home-dir> <command-to-run...>
Hako is an extremely simple container that replaces your $HOME directory with another separate directory (that may be within your current $HOME), so you can run another program while preventing it from seeing or touching any of your files in $HOME.
Setting your $HOME environment variable to a different directory would have a similar effect, but any program that checks the passwd file would find your real $HOME.
It also wouldn't isolate your network, which is another feature of Hako that I haven't mentioned yet.
It started as teaching material called "Build your own container runtime in 20 lines of code", and I was only able to hit the 20 lines of code target in Perl.
(It's slightly more than 20 lines of code now.)
Copyright (C) Marty Pauley.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Marty Pauley <email@example.com>