MicroVM sandbox on Win, Mac, Linux, with policy engine
pploug
12 points
4 comments
July 14, 2026
Related Discussions
Found 5 related stories in 1406.1ms across 14,015 title embeddings via pgvector HNSW
- How microVMs work, by building one in the browser nikhilunni · 15 pts · July 09, 2026 · 68% similar
- We Reverse-Engineered Docker Sandbox's Undocumented MicroVM API yakkomajuri · 76 pts · May 21, 2026 · 67% similar
- Show HN: Run coding agents in microVM sandboxes instead of your host machine phoenixranger · 54 pts · April 23, 2026 · 63% similar
- AWS Lambda MicroVMs for isolated execution of user and AI-generated code leemoore · 22 pts · June 23, 2026 · 57% similar
- Scaling opencomputer from 1 VM to 1 million sandboxes iacguy · 11 pts · June 18, 2026 · 56% similar
Discussion Highlights (2 comments)
saghm
Every time I see a new tool for sandboxing agents, I look to see if they've addressed the main annoyance I have with existing tools I've tried, and so far I've yet to see one that really seems to try. My issue is that for the most part, I don't want to completely cut off access to my entire filesystem; I just want to prevent agents from modifying anything outside of whatever directory I launch them from. It's pretty common for me to want to be able to point agents at things outside of my current workspace (logs, screenshots, config files for tools that I want to understand better, etc.), and I don't want to have to manually copy them to a readable location every time. I could set up a separate user on my systems, but then I'd need to figure out how to handle configs for tools that I do want the agents to have access to (and then synchronize changes to them, which can get annoying as soon as there's even a slight deviation in the configuration for the agent, like an absolute path that needs to point to the correct home directory). I don't really understand why anyone needs a bunch of new ways to say "run this without giving access to anything on my system", because I feel like we already have a ton of solutions for that. The hard problem is figuring out how to say "run this with access to some things on my system without making it incredibly tedious to specify those things", and from what I can tell, tools like this mostly punt on the "don't make it incredibly tedious" part by just letting you dump a bunch of manual settings in a config file and then assuming that people will share them after. That's a reasonable place to draw the line if you're an individual developer writing your own bespoke tool for how you want to sandbox things, but coming from maybe the most widely used container system in existence, shouldn't the bar be a bit higher?
pjmlp
It comes too late to the game, as Apple and Microsoft already have their own solutions in flight, which were demoed at the respective developer conferences.