MicroVM sandbox on Win, Mac, Linux, with policy engine

(docs.docker.com)

12 points | by pploug a day ago ago

6 comments

  • saghm a day ago

    Every time I see a new tool for sandboxing agents, I look to see if they've addressed the main annoyance I have with existing tools I've tried, and so far I've yet to see one that really seems to try. My issue is that for the most part, I don't want to completely cut off access to my entire filesystem; I just want to prevent agents from modifying anything outside of whatever directory I launch them from. It's pretty common for me to want to be able to point agents at things outside of my current workspace (logs, screenshots, config files for tools that I want to understand better, etc.), and I don't want to have to manually copy them to a readable location every time. I could set up a separate user on my systems, but then I'd need to figure out how to handle configs for tools that I do want the agents to have access to (and then synchronize changes to them, which can get annoying as soon as there's even a slight deviation in the configuration for the agent, like an absolute path that needs to point to the correct home directory).

    I don't really understand why anyone needs a bunch of new ways to say "run this without giving access to anything on my system", because I feel like we already have a ton of solutions for that. The hard problem is figuring out how to say "run this with access to some things on my system without making it incredibly tedious to specify those things", and from what I can tell, tools like this mostly punt on the "don't make it incredibly tedious" part by just letting you dump a bunch of manual settings in a config file and then assuming that people will share them after. That's a reasonable place to draw the line if you're an individual developer writing your own bespoke tool for how you want to sandbox things, but coming from maybe the most widely used container system in existence, shouldn't the bar be a bit higher?

  • pjmlp a day ago

    It comes too late to the game, as Apple and Microsoft already have their own solutions in flight, which were demoed at the respective developer conferences.

    • pploug 21 hours ago

      2 different platforms, 2 separate sources of truths for policies, 2 different level of compatibility (apple containers don't support compose, MS uses a custom moby implementation, neither are particular mature), none has linux compatibilty?

      • pjmlp 12 hours ago

        Yes, but both would save on Docker licenses and it isn't as if anyone would pay for Docker tooling on Linux anyway.

        So how does Docker capitalise on this new tool?

        They keep trying to stay relevant in a world where containers have become commodity.

        • pploug 7 hours ago

          Sandboxes are free, distributed outside of Docker Desktop, no license fee required - money is made on enterprise governance and cloud offerings.

          You can call containers a commodity, or an industry standard? Feels like that is more an emotional argument than anything else.

        • vectorinox 12 hours ago

          You actually do not need any licence (though a docker account is needed) to use docker sandboxes with the CLI. It's at least what the linked page says (ans my own experience ;)