Comment by aussieguy1234 1 month ago If you're on Linux, you can run AI agents in Firejail to limit access to certain folders/files. 5 comments aussieguy1234 Reply ichiichisan 1 month ago Does it allow access to GPUs and all system resources? That is unfortunately a limitation a lot of these sandboxes often have and you need to run a container or vm to get that. nezhar 1 month ago Looks interesting. How does this compare to a container? subsection1h 1 month ago Containers aren't a sandbox:https://news.ycombinator.com/item?id=46405993 aussieguy1234 1 month ago It uses Linux kernel namespaces instead of chroot (containers are just fancy Liunx chroot) samlinnfer 1 month ago Ackually, “containers” on linux are usually implemented using linux namespaces instead of chroot.
ichiichisan 1 month ago Does it allow access to GPUs and all system resources? That is unfortunately a limitation a lot of these sandboxes often have and you need to run a container or vm to get that.
nezhar 1 month ago Looks interesting. How does this compare to a container? subsection1h 1 month ago Containers aren't a sandbox:https://news.ycombinator.com/item?id=46405993 aussieguy1234 1 month ago It uses Linux kernel namespaces instead of chroot (containers are just fancy Liunx chroot) samlinnfer 1 month ago Ackually, “containers” on linux are usually implemented using linux namespaces instead of chroot.
aussieguy1234 1 month ago It uses Linux kernel namespaces instead of chroot (containers are just fancy Liunx chroot) samlinnfer 1 month ago Ackually, “containers” on linux are usually implemented using linux namespaces instead of chroot.
samlinnfer 1 month ago Ackually, “containers” on linux are usually implemented using linux namespaces instead of chroot.
Does it allow access to GPUs and all system resources? That is unfortunately a limitation a lot of these sandboxes often have and you need to run a container or vm to get that.
Looks interesting. How does this compare to a container?
Containers aren't a sandbox:
https://news.ycombinator.com/item?id=46405993
It uses Linux kernel namespaces instead of chroot (containers are just fancy Liunx chroot)
Ackually, “containers” on linux are usually implemented using linux namespaces instead of chroot.