Building a secure/sandboxed environment for executing untrusted code

This page summarizes the projects mentioned and recommended in the original post on dev.to
Docker Containers virtual-machine Sandbox Kubernetes

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • gopg

    A minimal microservice written in Go that executes Go programs. This microservice can be used to set-up local go learning environment at your workspace/school. You can also use the provided zero-configuration docker-image for quick deployments.

    • My clone of Playground.

  • firecracker

    Secure and fast microVMs for serverless computing.

    • AWS Firecracker

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • gvisor

    Application Kernel for Containers

    • gVisor by Google is a userspace application kernel written in Go. Userspace kernel is a software that runs completely in user-mode and has less privilege (since it runs in user-mode). It also acts as a kernel emulation layer, that means, it can act as a fake kernel and can receive and process system-calls, thus hiding the host kernel. gVisor is compatible with OCI and provides a OCI runtime called runsc that can be used by container management tool like docker as the underlying runtime. (docker uses runc as the default runtime).

  • runtime

    Discontinued Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers). (by kata-containers)

    • Kata Containers

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts