Story

Hi HN, today we're launching Open Sandbox, an open-source, self-hostable Linux sandbox written in Rust. It runs commands in isolated environments using process level sandboxing rather than micro VMs.

AI agents and LLMs generate code, but you can't just exec() untrusted code on your machine. You need a sandbox, an isolated environment where that code runs without access to your hostsystem/data.

The idea came from a conversation between my co-founders and me about slow startup times in Firecracker/micro-VM-based sandboxes. He mentioned that during his PhD in the UK, he'd used process-level sandboxes in competitive programming, and they were fast. That sent us down a rabbit hole.

We looked at existing implementations of sandboxes with process level isolation like Isolate, Minijail, nsjail and found that process-level sandboxes have very low resource overhead and surprisingly fast startup times. So we built our own in Rust.

How this compares to E2B, Modal etc? Those are great products, but they're hosted services built on micro-VMs or containers. You send your workloads to their infrastructure and pay per usage.

Open Sandbox is different in three ways:

1. Self-hosted and open source. Your code never leaves your machines. (although, yes, e2b is open source but it is far from easy to self-host)

2. Process-level isolation instead of VMs. This means ~100ms startup and very low resource overhead per sandbox, vs the micro-VM approaches.

3. The trade-off is weaker isolation. A kernel exploit could escape the sandbox.

We also ran some benchmarks vs E2B: Open Sandbox was 2x faster at sandbox creation, faster at Git Clone, and also had 6x concurrency. E2B was faster on command execution. More details in the README of the repo with exact numbers.

This is incredibly early - curious on feedback!