zlacker

[parent] [thread] 4 comments
1. bigwhe+(OP)[view] [source] 2026-02-03 21:14:12
I use Leash [1] [2] for sandboxing my agents (to great effect!). I've been very happy with it, it provides strict policy-level control for all process-level + network-level activity, as well as full visibility and dynamic runtime controls via WebUI. Way better than bubblewrap imo.

I originally saw it here on HN and have been hooked ever since.

[1] Screenshot: https://camo.githubusercontent.com/99b9e199ffb820c27c4e977f2...

[2] https://github.com/strongdm/leash

Fun fact: Do you know what container / sandboxing system is in most widespread use? Not docker containers, certainly not bubblewrap, and not even full VMs or firecracker. It's Chrome tabs.

replies(3): >>observ+W3 >>necove+9h >>JCatth+cE
2. observ+W3[view] [source] 2026-02-03 21:35:30
>>bigwhe+(OP)
Using Chrome for anything seems like a security failure of itself. It's got great features, but damn do they come at a cost.
3. necove+9h[view] [source] 2026-02-03 22:43:45
>>bigwhe+(OP)
That's interesting, how does Chrome implement "sandboxing" in Windows and MacOS? For Linux, does it use the same underlying technology as Docker, Podman, LXD, LXC (cgroups, namespaces...)?

Or is a custom "sandboxing" implementation not relying on system level functions (eg. a VM with restricted functions)?

If the latter, I wonder if something like JRE or .NET CLR is still out there in larger numbers, but obviously, Chrome does have billions of users.

replies(1): >>spijda+1n
◧◩
4. spijda+1n[view] [source] [discussion] 2026-02-03 23:18:10
>>necove+9h
Yes, Chromium has "native" sandboxing on all those platforms, Windows [0] Linux [1] and MacOS [2].

Chromium uses both seccomp filtering as well as user namespaces (the technology that Docker/Podman use).

The Windows and MacOS sandboxing strategies are more "interesting" because I've seen very few (open source) programs that use those APIs as extensively as Chromium. On Windows, it makes use of AppContainer [3] (among other things), while on MacOS it uses the sparsely documented sandbox API [4], which I think was based on code from TrustedBSD?

[0] https://chromium.googlesource.com/chromium/src/+/HEAD/docs/d...

[1] https://chromium.googlesource.com/chromium/src/+/HEAD/sandbo...

[2] https://www.chromium.org/developers/design-documents/sandbox...

[3] https://learn.microsoft.com/en-us/windows/win32/secauthz/app...

[4] https://manp.gs/mac/7/sandbox

5. JCatth+cE[view] [source] 2026-02-04 00:56:59
>>bigwhe+(OP)
> certainly not bubblewrap,

Eh, it might be bubblewrap given it's what flatpak uses.

[go to top]