For lightweight sandboxing on Linux you can use bubblewrap or firejail instead of Docker. They are faster and _simpler_. Here is a bwrap script I wrote to run Claude in a minimal sandbox an hour back:
Nice, thanks for sharing. The lack of an equivalent on macOS (sandbox-exec is similar but mostly undocumented and described as "deprecated" by Apple) is really frustrating.
I had been planning to explore Lima tonight as a mechanism to shackle CC on macOS.
The trouble with sandbox-exec is that its control over network access is not fine-grained enough, and I found its file system controls insufficient.
Also, I recently had some bad experiences which led me to believe the tool MUST be run with strict CPU and memory resource limits, which is tricky on macOS.
Wait, does Lima do isolation in a macOS context too?
It looks like Linux VMs, which Apple's container-cli (among others) covers at a basic level.
I'd like Apple to start providing macOS images that aren't the whole OS... unless sandbox-exec/libsandbox have affordance for something close enough?
You can basically ask Claude/ChatGPT to write its jail (Dockerfile) and then run that via `container` without installing anything on macOS outside the container it builds (IIRC). Even the container-cli will use a container to build your container...
There is an equivalent. I played with it for a while before switching to containers. You can just sign an app with sandbox entitlements that starts a subshell and uses security bookmarks to expose folders to it. It's all fully supported by Apple.
You don't need bind mounts, you can just pass access rights to directories into the sandbox directly. Also sandboxed apps run inside a (filesystem) container so file writes to $HOME are transparently redirected to a shadow home.
Respectfully, it's not enough. You can't treat the inside of the sandbox as a generic macOS system. You can't really install arbitrary things or run arbitrary programs. The wheels fall off extremely quickly.
That's true which is why I abandoned that approach, but the original comparison was against Bubblewrap which has the same issues (yes with enough overlays you can make a semi-writable system into which you can install things but you can tunnel brew outside the sandbox also).
The main issue I had is that most dev tools aren't sandbox compatible out of the box and it's Apple specific tech. You can add SBPL exceptions to make more stuff work but why bother. Containers/Linux VMs work everywhere.
Would something like dagger.io work for sandboxing? I'm not sure on the security side of things, but I very much liked the presentation they did at the AI Engineering conference (San Fran, earlier this year) about how they can build branching containers to support branching or parallelized development workflows.
Yeah, that's definitely an option worth considering. Coincidentally I quoted Dagger founder Solomon Hykes in my article - the "An AI agent is an LLM wrecking its environment in a loop" line.
While sandbox-exec is officially "deprecated" it will be around for a long time, so building some tooling on top of it to make it useful seems valuable!
This is gold. Thanks so much for sharing. Being able to put Claude in handcuffs and use --dangerously-skip-permissions without concern is a game changer!
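The bubblewrap approach from the first comment in this thread, as an added example that is not the script that comment refers to. The read-only host paths, the tmpfs home and the agent command line are assumptions about a typical Linux layout:

```shell
#!/bin/sh
# Added example, not the script from the original comment: a minimal
# bubblewrap wrapper that gives an agent one writable project directory
# and no network. The read-only host paths are assumptions about a typical
# Linux layout; adjust for yours. DRY_RUN=1 prints the bwrap arguments.
set -eu

run_sandboxed() {
  project="$1"; shift
  # --unshare-all: fresh user/pid/net/ipc/uts namespaces, so no network.
  # --die-with-parent: the sandbox dies with this wrapper.
  # --new-session: detach from the controlling terminal.
  # /usr and /etc read-only (toolchain, passwd, CA certs); private /proc,
  # /dev, /tmp; an empty tmpfs $HOME so ~/.ssh, ~/.aws and tokens are
  # absent; the project directory is the only writable host path.
  set -- \
    --unshare-all --die-with-parent --new-session \
    --ro-bind /usr /usr --ro-bind /etc /etc \
    --symlink usr/lib /lib --symlink usr/lib64 /lib64 --symlink usr/bin /bin \
    --proc /proc --dev /dev --tmpfs /tmp --tmpfs "$HOME" \
    --bind "$project" "$project" --chdir "$project" \
    --setenv HOME "$HOME" --setenv PATH /usr/bin:/bin \
    -- "$@"
  if [ "${DRY_RUN:-0}" = 1 ]; then
    printf '%s\n' "$@"
  else
    exec bwrap "$@"
  fi
}

# Usage: ./sandbox.sh /path/to/project claude --dangerously-skip-permissions
if [ "$#" -ge 2 ]; then
  run_sandboxed "$@"
fi
```

Add `--share-net` right after `--unshare-all` only if the agent genuinely has to reach a package registry; everything else stays isolated either way.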
Interesting: at first blush, it looks like it's clustered based on image similarity rather than time?
But that must be wrong, the README.md mentions it visualizing time.
I'd love to understand a bit more.
The README.md punts to Wikipedia on Hilbert curves, which is classic Wikipedia, makes sense if you understand it already :) and a 20 minute video on Hilbert curves, which I find hard to commit to, assuming it's unlikely it touches on movie visualization via Hilbert curves.
It's definitely hard, and not your responsibility, to explain the scientific concept.
But, I'd love to have your understanding of how the visualization is more interesting.
A Hilbert curve is a mapping between 1D and 2D space that attempts to preserve locality. Two points that are close in 2D space tend to map to two points that are close in 1D space and vice versa.
If you imagine a movie as a line along the time axis with each frame as a pixel, there are multiple ways to create a 2D image.
A bar graph is a simple approach, but essentially it is still one-dimensional. We are only using the x axis.
A zig-zag pattern is another approach, where you start from top to bottom, left to right. But in this case the relative distance between close frames isn't fully preserved. Two distant frames might appear together, or close frames might end up far apart, which leads to odd-looking artifacts.
A Hilbert curve is a pattern to map 1D to fill space (2D) such that the relative distance between any two points (frames) on the 1D line is somewhat preserved. That's why it appears as a clump/blob.
Here it is hard to see the movie progression from start to end, but all frames from a scene are always closer, which was what I was aiming for. I find it interesting that the visual aspect (color/scene) is easy to see here but the temporal aspect isn't.
I was excited about the whole 1D to 2D mapping aspect at that time, leading to this toy.
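The 1D-to-2D mapping described in this comment, as an added example that is not the toy's own code: frame indices are laid out both in zig-zag (raster) order and along a Hilbert curve, and the largest jump between consecutive frames is measured for each. The 8x8 grid and the 16-frame "scenes" are a constructed sample.

```python
from math import hypot
from typing import List, Tuple

Point = Tuple[int, int]

def hilbert_d2xy(n: int, d: int) -> Point:
    """Index d on an n x n Hilbert curve (n a power of two) -> (x, y)."""
    x = y = 0
    t, s = d, 1
    while s < n:
        rx = 1 & (t // 2)
        ry = 1 & (t ^ rx)
        # Rotate/flip the sub-square so the four sub-curves join end to end.
        if ry == 0:
            if rx == 1:
                x, y = s - 1 - x, s - 1 - y
            x, y = y, x
        x += s * rx
        y += s * ry
        t //= 4
        s *= 2
    return x, y

def raster_d2xy(n: int, d: int) -> Point:
    """Zig-zag fill: left to right along a row, then jump to the next row."""
    return d % n, d // n

def max_step(n: int, mapping) -> float:
    """Largest 2D distance between two consecutive frames under a mapping."""
    pts = [mapping(n, d) for d in range(n * n)]
    return max(hypot(bx - ax, by - ay) for (ax, ay), (bx, by) in zip(pts, pts[1:]))

def layout(frames: List[str], n: int, mapping) -> List[str]:
    """Render one-character frame labels on an n x n grid, one string per row."""
    grid = [["."] * n for _ in range(n)]
    for d, label in enumerate(frames[: n * n]):
        x, y = mapping(n, d)
        grid[y][x] = label
    return ["".join(row) for row in grid]

if __name__ == "__main__":
    n = 8
    # Constructed sample: 64 frames, letter = scene, one scene per 16 frames.
    frames = [chr(ord("A") + d // 16) for d in range(n * n)]
    for name, m in (("raster", raster_d2xy), ("hilbert", hilbert_d2xy)):
        print(f"{name}: max jump between consecutive frames = {max_step(n, m):.2f}")
        print("\n".join(layout(frames, n, m)), "\n")
```

Under the Hilbert mapping every consecutive pair of frames stays adjacent and each 16-frame scene fills one 4x4 quadrant, which is the clump effect the comment describes; the raster layout jumps across the whole row at every line end.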
I read the same book, also in Kannada. It was bought by my father when he was in high school. Of all the science books I have read, this one was more engaging and had a bigger impact on me growing up.
My father said he used to buy a lot of Soviet translations because they were cheap but the content was of high quality. Even after 30 years, when I picked them up, they were clearly distinct, including the art, print quality and binding.
Software Engineer with 6+ years of experience. Currently working with a large scale distributed system involving Elixir. Worked on a distributed job scheduler, event driven systems, and RESTful microservices. I have experience architecting a product from the ground up, leading a team for a while, working as an individual contributor and as a consultant. I am active in the Open Source community, contributing to and maintaining a few projects.
Location: Bengaluru, India
Remote: Yes
Willing to relocate: Yes
Technologies: Elixir & OTP, JS, Ruby, C/C++, Java, Lisp, Kafka, Kubernetes, Redis, React, SQL
Résumé/CV: on request
Email: akashh246 [_at_] gmail [_dot_] com
Software Engineer with 6+ years of experience. Currently working on a large scale distributed system involving Elixir. Worked on a distributed job scheduler, event driven systems, and RESTful microservices. I have experience architecting a product from the ground up, leading a team, working as an individual contributor and as a consultant. Outside work, I am active in the Open Source community, contributing to and maintaining several projects.
I am looking for challenging roles involving complex problem/domain
I don't know much about WASM, but how does this work with shared libraries? Is it even possible to call a shared library without any safety guarantees?
WASM runs in a sandbox; it's not possible to call a shared library directly in the same way as you do in C... all syscalls are "imported" functions that a host exposes to the WASM code running... this host has the ability to do anything around a syscall, which is likely how they manage to forbid access to network/filesystem, for example.
The host can be the browser when running on the browser, or it can be one of the WASM runtimes (wasmtime, wasmer, Lucet)
> Streams, available in 5+ can handle a lot more use cases fluently
Streams do solve the backup queue issue, but not being able to filter messages from the consumer's pending list makes implementing a retry mechanism and exponential backoff hard (without reaching for a sorted set).
Though, I can understand the Redis team's decision to keep it simple.
> one can increment a single value outside the bloom filter to keep the values in the bloom filter low. Example: Instead of storing bloom filter [4,3,3,5,7,4,3,3,5], one could store it as (3)[1,0,0,2,4,1,0,0,2].
CMIIW, this only works if it's guaranteed that the reset (transition from high values to low) is propagated to all the nodes.
Which is not the case in a distributed system. Like, if a node is not reachable for a long time and every other node is reset except this one, then it's possible to have a state in which we can have false negatives.
By that logic anything which kills a mass population is "not so bad". Why not just bomb cities? In fact, if you read it as a response to "world wars", though not intended, that way of thinking justifies that.
It depends on your view of the world I guess. In my view, humans are not special. We have no inherent right to live on this planet compared to other animals. Why should we not die off and let other creatures live? Only selfishness (and our cognitive ability to have it), enables; I want to live. Humans are not special (except for currently being at the top of the food-chain). We have reached our biological population limit. And it needs to go down. And even if it goes to zero, the universe won't care. We are just another species and we are about to go extinct, like so many before us. Unless drastic measures are taken. But the only ones who will care are still us, the humans. Maybe we just shouldn't, and die out and let some other, better suited, organism take over. Or none at all. In the end it doesn't actually matter...
Humans are actually special. We are smarter than any other animal on earth and have culture. The human brain is the most complex structure in the known universe, so even on that scale we are pretty special.
And it simply makes no sense to just throw away millions of years of evolution. Your nihilistic worldview is very naive.
To put it bluntly, because the road of constant progress and improvement can potentially unveil the meaning of the existence of the universe. Nihilism is naive by definition; just because you don't know the meaning doesn't mean that there is no meaning at all.
That depends on the use case. Sometimes you do want to start with a clean state. If the process is in some invalid state which caused the crash in the first place, restarting the process is useless in this case.