zlacker

[parent] [thread] 4 comments
1. decode+(OP)[view] [source] 2026-02-02 21:53:47
This is why I started https://nono.sh , agents start with zero trust in a kernel isolated sandbox.
replies(2): >>js4eve+V7 >>indigo+pa
2. js4eve+V7[view] [source] 2026-02-02 22:22:01
>>decode+(OP)
What's the benefit over using docker?
replies(1): >>bardso+TC1
3. indigo+pa[view] [source] 2026-02-02 22:30:29
>>decode+(OP)
I had O4.5 build me this project to throw on a VPS or server, works well for me:

https://github.com/jgbrwn/vibebin

◧◩
4. bardso+TC1[view] [source] [discussion] 2026-02-03 09:04:13
>>js4eve+V7
Can't speak for the benefits of https://nono.sh/ since I haven't used it, but a downside of using docker for this is that it gets complicated if you want the agent to be allowed to do docker stuff without giving it dangerous permissions. I have a Vagrant setup inspired by this blogpost https://blog.emilburzo.com/2026/01/running-claude-code-dange..., but a bug in VirtualBox is making one core run at 100% the entire time so I haven't used it much.
replies(1): >>emilbu+WF1
◧◩◪
5. emilbu+WF1[view] [source] [discussion] 2026-02-03 09:28:03
>>bardso+TC1
> but a bug in VirtualBox is making one core run at 100% the entire time

FYI they fixed it in 7.2.6: https://github.com/VirtualBox/virtualbox/issues/356#issuecom...

[go to top]