Hey! Yes, Fence was inspired by sandbox-runtime. Both use the same underlying OS primitives (sandbox-exec on macOS, bubblewrap on Linux) and proxy-based network filtering.
Fence adds additional controls on top of what is available on sandbox-runtime:
- Command deny rules
- SSH command filtering
- Port exposure for inbound connections (useful for running dev servers inside the sandbox). This is a key reason why I decided to create Fence - because https://github.com/Use-Tusk/tusk-drift-cli spins up users’ services locally for trace replays and Fence helps to block unintended localhost outbound connections.
- Built-in templates for common developer workflows
- Better ergonomics for violation monitoring (`fence -m` gives you real-time violation logging on both macOS and Linux via eBPF, vs sandbox-runtime where Linux requires manual strace)
In summary, Fence layers extra permission-management features for wrapping popular CLI agents. If you just need filesystem + network isolation and you're in the Node ecosystem, sandbox-runtime is great. If you want command blocking, SSH filtering, inbound port exposure, or a standalone Go binary, Fence adds that.
love the idea! I would have registered if it weren't using passkey. is there a reason you chose this for user verification? I've never used it and am hesitant to adopt technologies that give chrome more control over the browser market
Many password managers have passkey support, I'm using the free version of Bitwarden and can recommend it. Windows Hello can also be used, and afaik Apple Keychain too.
I chose it because I wanted to learn more about passkeys and I liked the idea that I wouldn’t have to deal with private credentials themselves; just save a public key to my database. I use both KeePassXC and Bitwarden and they’re slowly getting support for passkeys (currently only on desktop).
I briefly had the ability to add a new passkey to the same account but wanted to keep it simple for my friends and not confuse them more. If that’s something that could help I’d be open to adding it in again.
I'm a novice at nginx and using modules. how do I figure out if the nginx docker images that I use are effected by this? it looks like the default image uses `debian:bookworm-slim`. is it safe to assume that the compiled version in that upstream image isn't using any additional modules?
> The issues affect nginx compiled with the ngx_http_v3_module (not
compiled by default) if the "quic" option of the "listen" directive
is used in a configuration file.
The official nginx docker images ship with HTTP3 module enabled - and we have released the updated ones earlier today - so please update to stay secure.
You can also launch something like:
$ docker run -ti --rm nginx:latest nginx -V
to check which modules are compiled in to the binary you're running.
https://github.com/anthropic-experimental/sandbox-runtime