2 points by nknize 15 days ago | 2 comments
  • nknize 15 days ago
    Hi, author here.

    jGuard is a capability-based security framework for the JVM (JDK 21+) designed for running untrusted or semi-trusted code after the removal of the Java SecurityManager.

    Policies are declared using a module-style descriptor inspired by module-info.java, and enforcement happens at the JDK operation level (filesystem, network, threads, native loads).

    Happy to answer questions about the threat model, design tradeoffs, or how this compares to the legacy SecurityManager.

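To make the comment above concrete, here is an added example (not jGuard's code, API or descriptor syntax; the `module`/`requires` format, the `Capability` names and the `Guarded` wrapper are all assumptions made for illustration) of how a deny-by-default capability policy can be declared in a module-style descriptor and then enforced before JDK operations such as filesystem access, thread creation and native library loading run:

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.EnumSet;
import java.util.Set;

// Hypothetical illustration of capability-based enforcement at the JDK
// operation level. Not jGuard's API: the descriptor syntax, enum names and
// wrapper class are assumptions made for this example (JDK 21+).
public final class CapabilityGuardExample {

    /** Operation classes an untrusted module may be granted. */
    enum Capability { FILE_READ, FILE_WRITE, NET_CONNECT, THREAD_CREATE, NATIVE_LOAD }

    /** Immutable, deny-by-default policy: anything not listed is refused. */
    record Policy(String module, Set<Capability> granted) {
        Policy {
            // EnumSet.copyOf rejects an empty non-EnumSet collection, so guard it.
            granted = granted.isEmpty() ? EnumSet.noneOf(Capability.class)
                                        : EnumSet.copyOf(granted);
        }
        boolean allows(Capability c) { return granted.contains(c); }
    }

    /** Raised when a guarded operation runs without the matching capability. */
    static final class CapabilityDeniedException extends SecurityException {
        CapabilityDeniedException(String module, Capability c) {
            super("module '" + module + "' lacks capability " + c);
        }
    }

    /**
     * Parses a tiny module-style descriptor (assumed syntax, not jGuard's):
     *   module plugin.reporting {
     *       requires FILE_READ;
     *   }
     * An unknown capability name makes valueOf() throw, i.e. the parser fails closed.
     */
    static Policy parse(String descriptor) {
        String name = null;
        Set<Capability> caps = EnumSet.noneOf(Capability.class);
        for (String raw : descriptor.split("\n")) {
            String line = raw.strip();
            if (line.startsWith("module ")) {
                name = line.substring("module ".length()).replace("{", "").strip();
            } else if (line.startsWith("requires ")) {
                String cap = line.substring("requires ".length()).replace(";", "").strip();
                caps.add(Capability.valueOf(cap));
            }
        }
        if (name == null) throw new IllegalArgumentException("descriptor has no module name");
        return new Policy(name, caps);
    }

    /** Gates each JDK operation on the policy before it is performed. */
    static final class Guarded {
        private final Policy policy;
        Guarded(Policy policy) { this.policy = policy; }

        private void require(Capability c) {
            if (!policy.allows(c)) throw new CapabilityDeniedException(policy.module(), c);
        }

        String readFile(Path p) throws IOException {
            require(Capability.FILE_READ);
            return Files.readString(p);
        }

        void writeFile(Path p, String content) throws IOException {
            require(Capability.FILE_WRITE);
            Files.writeString(p, content);
        }

        Thread startThread(Runnable r) {
            require(Capability.THREAD_CREATE);
            return Thread.ofPlatform().start(r);   // JDK 21 thread builder API
        }

        void loadNative(String libraryName) {
            require(Capability.NATIVE_LOAD);
            System.loadLibrary(libraryName);
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed descriptor for this example: grants FILE_READ only.
        Policy policy = parse("""
            module plugin.reporting {
                requires FILE_READ;
            }
            """);
        Guarded g = new Guarded(policy);

        Path tmp = Files.createTempFile("capability-example", ".txt");
        Files.writeString(tmp, "hello");            // set-up done outside the guard
        System.out.println(g.readFile(tmp));        // permitted: FILE_READ granted
        try {
            g.writeFile(tmp, "changed");            // refused: FILE_WRITE not declared
        } catch (CapabilityDeniedException e) {
            System.out.println("denied: " + e.getMessage());
        }
        try {
            g.startThread(() -> {});                // refused: THREAD_CREATE not declared
        } catch (CapabilityDeniedException e) {
            System.out.println("denied: " + e.getMessage());
        }
        Files.deleteIfExists(tmp);
    }
}
```

The point of the example is the deny-by-default shape: a capability absent from the descriptor cannot be exercised through the guard. It also shows the limit that the second comment in the thread raises: a wrapper like `Guarded` only protects calls routed through it, so code that reaches `Files` or `Thread` directly is unconstrained. That is why enforcement has to sit at the JDK operation level itself, as the author describes, or be backed by OS-level sandboxing, and why the set of declared capabilities should be reviewed rather than taken on trust from each library.
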
  • zupo 11 days ago
    "The capability based approach is interesting, but trusting developers to declare all their needed capabilities seems brittle. Modern OS level sandboxing or containerisation provides strong isolation without relying on each library to opt in, which may be a more robust alternative."