New ask Hacker News story: Ask HN: Whats State of the art for Code Sandboxing? (2024)
Ask HN: Whats State of the art for Code Sandboxing? (2024)
2 by bnchrch | 0 comments on Hacker News.
Ask HN: Whats State of the art for Code Sandboxing? (2024) Im curious about running User Submitted code in a way that * Protects the host system * Protects the host network * Lets me constrain allowed URLs * Lets me constrain run times * Lets me accept more than one language easily. At a quick glance it seems like theres a healthy balance of recommendations from nested virtualization (QEMU inside a locked down docker host) and WASM (this can imply many architectures). So HN, if you were to create a sandbox system. What would you reach for?
2 by bnchrch | 0 comments on Hacker News.
Ask HN: Whats State of the art for Code Sandboxing? (2024) Im curious about running User Submitted code in a way that * Protects the host system * Protects the host network * Lets me constrain allowed URLs * Lets me constrain run times * Lets me accept more than one language easily. At a quick glance it seems like theres a healthy balance of recommendations from nested virtualization (QEMU inside a locked down docker host) and WASM (this can imply many architectures). So HN, if you were to create a sandbox system. What would you reach for?
Comments
Post a Comment