Rust Sandbox

Open-source Rust projects categorized as Sandbox
Edit details
Topics: Rust Containers WebAssembly WASM Nix
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
Sponsored

Top 7 Rust Sandbox Projects

  • firecracker

    Secure and fast microVMs for serverless computing.

    • Project mention: Lambda Internals: Why AWS Lambda Will Not Help With Machine Learning | dev.to | 2024-04-25

    This architecture leverages microVMs for rapid scaling and high-density workloads. But does it work for GPU? The answer is no. You can look at the old 2019 GitHub issue and the comments to it to get the bigger picture of why it is so.

  • wasmtime

    A fast and secure runtime for WebAssembly

    • Project mention: Backdoor in upstream xz/liblzma leading to SSH server compromise | news.ycombinator.com | 2024-03-29

    Just a documentation change, fortunately:

    https://github.com/bytecodealliance/wasmtime/commits?author=...

    They've submitted little documentation tweaks to other projects, too, for example:

    https://learn.microsoft.com/en-us/cpp/overview/whats-new-cpp...

    I don't know whether this is a formerly-legitimate open source contributor who went rogue, or a deep-cover persona spreading innocuous-looking documentation changes around to other projects as a smokescreen.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • kuasar

    A multi-sandbox container runtime that provides cloud-native, all-scenario multiple sandbox container solutions.

    • Project mention: The advantage of WASM compared with container runtimes | news.ycombinator.com | 2023-05-28

    Right now most early examples alas boot a container with a wasm runtime for each wasm instance, which is a sad waste. The whole advantage of wasm should be very lightweight low overhead wasm runtime instances atop a common wasm process. Having a process or container for each instance loses a ton of the benefit, makes it not much better than a regular container.

    Thankfully there is work like the Containerd Sandbox API which enables new architectures like this. https://github.com/containerd/containerd/issues/4131

    It's still being used to spawn a wasm processes per instance for now, but container runtime project Kuasar is already using the Sandbox API to save significant resources, and has already chimed in in comments on HN to express a desire to have shared-process/multi-wasm-instamxe runtimes, which could indeed allow sub ms spawning that could enable instance per request architectures. https://github.com/kuasar-io/kuasar

  • birdcage

    Cross-platform embeddable sandboxing

    • Project mention: Ledger's NPM account has been hacked | news.ycombinator.com | 2023-12-14

    Co-funder @ Phylum here (https://phylum.io) We have been actively scanning dependencies across npm (and PyPI, RubyGems, Crates.io, etc.) for nearly three years now; quite successfully, I might add (https://blog.phylum.io/tag/research/). We _automatically_ hit on this package when it was published, and our research team has been all over it.

    A collective of us are active in Discord (https://discord.gg/Fe6pr5eW6p), continuing to hunt attacks like these. If that's something that interests you, we'd love to have you!

    In addition to this, we've released several open source tools to help protect against supply chain attacks:

    1. https://github.com/phylum-dev/birdcage - Birdcage is a cross-platform embeddable sandbox that's been baked into our CLI (which wraps npm, pypi, etc.) to sandbox package installations

    2. https://github.com/phylum-dev/cli - Our CLI provides an extension capability so you can lock down random executables you might use during your software development (define _what_ it's allowed to do, e.g. network access, and then lock it down with Birdcage)

    We also have a variety of integrations, including Github, Gitlab, BitBucket, CircleCI, Tines, Sophos, etc.

    https://docs.phylum.io/docs/integrations_overview

    It's unfortunate that software dependency attacks continue to plague open source registries. It seems unlikely this will let up in the near future. We are continuing to work closely with the open source ecosystems to try and get these sorts of packages removed when they pop up.

  • sandkasten

    Run untrusted code in an isolated environment

    • Project mention: Sandboxing C++, Rust, Python Code? | /r/rust | 2023-07-09

    The code is available on GitHub (https://github.com/Defelo/sandkasten) and there is also a link to a public test instance in the readme. Feel free to let me know if this is useful to you or if something is unclear. Any kind of feedback is appreciated!

  • sandbox

    ⏳ A Command-Line Sandbox Tester for Different Environments (by the-sandbox-project)

    • Project mention: Sandbox: A Command-Line Sandbox Tester for Different Programming Languages | news.ycombinator.com | 2023-05-12

  • rusty-city

    Sand simulation game

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Rust Sandbox related posts

Index

What are some of the best open-source Sandbox projects in Rust? This list will help you:

Project Stars
1 firecracker 24,024
2 wasmtime 14,407
3 kuasar 1,170
4 birdcage 172
5 sandkasten 23
6 sandbox 6
7 rusty-city 1

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com