zlacker

[parent] [thread] 6 comments
1. senko+(OP)[view] [source] 2026-02-03 20:37:43
> take a snapshot of my current workspace in a VM. Run claude there

Sounds like docker + overlayfs might fit the bill, as long as there's a base image that is close enough to what you need.

I don't think there should be One True Way how to run these, everyone can set it up in a way that best fits their workflow.

replies(1): >>ushako+N2
2. ushako+N2[view] [source] 2026-02-03 20:51:28
>>senko+(OP)
both Docker and bubblewrap are not secure sandboxes. the only way to have actually isolated sandboxes is by using VMs

disclaimer: i work on secure sandboxes at E2B

replies(3): >>senko+M4 >>its-su+Fb >>gf000+Em
◧◩
3. senko+M4[view] [source] [discussion] 2026-02-03 20:59:24
>>ushako+N2
No disagreement from me. From the article:

> Bubblewrap and Docker are not hardened security isolation mechanisms, but that's okay with me.

Edit to add: my understanding is the major flaw in this approach is potential bugs in Linux kernel that would allow sandbox escape. Would appreciate your insight if there are some easier/more probable attack vectors.

◧◩
4. its-su+Fb[view] [source] [discussion] 2026-02-03 21:36:53
>>ushako+N2
Do you have more information on how to set up such VMs?
replies(1): >>ushako+Hd
◧◩◪
5. ushako+Hd[view] [source] [discussion] 2026-02-03 21:46:37
>>its-su+Fb
for personal use, many ways: Vargant, Docker Sandbox, NixOS VMs, Lima, OrbStack.

if you want multi-tenant: E2B (open-source, self-hosted)

replies(1): >>eikenb+Ez
◧◩
6. gf000+Em[view] [source] [discussion] 2026-02-03 22:34:36
>>ushako+N2
What about cgroups? I know they are not exactly analogous, but to me that seems like a pretty decent solution.
◧◩◪◨
7. eikenb+Ez[view] [source] [discussion] 2026-02-03 23:45:32
>>ushako+Hd
Hashicorp has mostly abandoned Vagrant, so I'd avoid it.
[go to top]