ujail is intended to be a system for sandboxing processes in userspace. Its main purpose is to provide security by controlling the syscalls made by a process and possibly emulating some of them. With this technique, ujail can support various security measures, such as a syscall-level firewall or confining a process to a single directory while still allowing selective access to files outside that directory. ujail is being designed as a library that can be embedded in other programs.
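The path decision behind "contain a process in a single directory, but allow selected files outside it", sketched as an added example; this is not ujail code, and the `JAIL`/`ALLOW` policy, the function names and the sample paths are all assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>
/* Lexically normalize an absolute path: collapse "//" and ".", resolve "..".
 * Returns 0 on success, -1 if the path is relative or does not fit in out. */
static int normalize(const char *path, char *out, size_t cap)
{
    size_t len = 0;
    if (path[0] != '/' || cap < 2)
        return -1;
    while (*path) {
        while (*path == '/') path++;
        size_t n = strcspn(path, "/");
        if (n == 0) break;
        if (n == 2 && path[0] == '.' && path[1] == '.') {
            while (len > 0 && out[--len] != '/')
                ;                        /* drop the last component */
        } else if (!(n == 1 && path[0] == '.')) {
            if (len + n + 2 > cap)
                return -1;
            out[len++] = '/';
            memcpy(out + len, path, n);
            len += n;
        }
        path += n;
    }
    if (len == 0) out[len++] = '/';
    out[len] = '\0';
    return 0;
}

/* Constructed sample policy; the paths are hypothetical. */
static const char JAIL[] = "/srv/jail";
static const char *const ALLOW[] = { "/etc/resolv.conf" };

/* 1 if path is inside JAIL or is exactly an allowlisted outside file. */
int jail_allows(const char *path)
{
    char norm[4096];
    size_t jl = sizeof JAIL - 1;
    if (normalize(path, norm, sizeof norm) != 0)
        return 0;                        /* fail closed */
    /* Component boundary: "/srv/jail" must not match "/srv/jailbreak". */
    if (strncmp(norm, JAIL, jl) == 0 && (norm[jl] == '/' || norm[jl] == '\0'))
        return 1;
    for (size_t i = 0; i < sizeof ALLOW / sizeof ALLOW[0]; i++)
        if (strcmp(norm, ALLOW[i]) == 0)
            return 1;
    return 0;
}
int main(void) { return jail_allows("/srv/jail/data/file") ? 0 : 1; }
```

Lexical normalization does not see symlinks, so a syscall-level sandbox would also have to resolve the path as the confined process sees it and make sure the path it checked is the path the kernel finally opens.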
All contributions to ujail are welcome. To get started, create your own bzr branch of the ujail code and get going. To have your changes merged into the main development tree, please use Launchpad's merge request feature. Please bear in mind that ujail is in an early design phase right now, so its interfaces may change rapidly.