Go Sandbox

Open-source Go projects categorized as Sandbox

Top 10 Go Sandbox Projects

  • gvisor

    Application Kernel for Containers

    Project mention: Unfashionably secure: why we use isolated VMs | news.ycombinator.com | 2024-07-25

    If you think about it virtualization is just a narrowing of the application-kernel interface. In a standard setting the application has a wide kernel interface available to it with dozens (ex. seccomp) to 100's of syscalls. A vulnerablility in any one of which could result in complete system compromise.

    With virtualization the attack surface is narrowed to pretty much just the virtualization interface.

    The problem with current virtualization (or more specifically, the VMM's) is that it can be cumbersome, for example memory management is a serious annoyance. The kernel is built to hog memory for cache and etc. but you don't want the guest to be doing that - since you want to overcommit memory as guests will rarely use 100% of what is given to them (especially when the guest is just a jailed singular application), workarounds such as free page reporting and drop_caches hacks exist.

    I would expect eventually to see high performance custom kernels for a application jails - for example: gVisor[1] acts as a syscall interceptor (and can use KVM too!) and a custom kernel. Or a modified linux kernel with patched pain points for the guest.

    [1] <https://gvisor.dev/>

  • InfluxDB

    Purpose built for real-time analytics at any scale. InfluxDB Platform is powered by columnar analytics, optimized for cost-efficient storage, and built with open data standards.

    InfluxDB logo
  • codapi

    Interactive code examples for documentation, education and fun

    Project mention: Codapi – Interactive code examples for documentation, education and fun | news.ycombinator.com | 2024-04-29
  • OPS

    ops - build and run nanos unikernels

    Project mention: OS for Secure Containers? | news.ycombinator.com | 2024-09-04

    Nanos is the actual kernel while ops (https://ops.city) is the build/deploy tool. I presume you're asking if this is doing "orchestration" - that is more of a container term. These get deployed as actual vms so all the orchestration stuff is performed by the cloud.

  • pipecd

    The One CD for All {applications, platforms, operations}

  • eBPF-Guide

    eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.

  • nomad-driver-podman

    A nomad task driver plugin for sandboxing workloads in podman containers

  • infra

    Infrastructure powering E2B - Secure Runtime for AI Agents & Apps (by e2b-dev)

    Project mention: Show HN: Open-source SDK for creating custom code interpreters with any LLM | news.ycombinator.com | 2024-04-19

    We'll have nice and easy support for self-hosting soon-ish.

    In the meantime, everything is open-source and the infra is codified with Terraform. GCP should have the best support now. If you want to dig into it, we'd love to give you support along the road so we can improve the process.

    Our infra repo [0] is a good place to start. Once you have E2B deployed, you can just change E2B_DOMAIN env var and use our SDK.

    Feel free to email me, join our Discord, or open an issue if you have any questions

    [0] https://github.com/e2b-dev/infra

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • host-spawn

    Run commands on your host from inside your toolbox or flatpak sandbox

  • nomad-pledge-driver

    Nomad task driver capable of blocking unwanted syscall and filesystem access. Based on the pledge utility for Linux by Justine Tunney

    Project mention: Porting OpenBSD Pledge() to Linux | news.ycombinator.com | 2023-10-30

    https://github.com/shoenig/nomad-pledge-driver

  • kira

    A fast and scalable general purpose sandbox code execution engine. (by FlorianWoelki)

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Go Sandbox discussion

Log in or Post with

Go Sandbox related posts

Index

What are some of the best open-source Sandbox projects in Go? This list will help you:

Project Stars
1 gvisor 15,544
2 codapi 1,458
3 OPS 1,264
4 pipecd 1,060
5 eBPF-Guide 523
6 nomad-driver-podman 227
7 infra 174
8 host-spawn 109
9 nomad-pledge-driver 22
10 kira 18

Sponsored
Purpose built for real-time analytics at any scale.
InfluxDB Platform is powered by columnar analytics, optimized for cost-efficient storage, and built with open data standards.
www.influxdata.com