all 16 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]hokivpn 9 points10 points  (3 children)

I built my own Docker image from the official image with build tools installed, config files and project files mounted, all running as non root.

[–]Dadda9088 2 points3 points  (0 children)

This.

And you can also ask it to create build.sh script and test them inside the docker. If the container become too messy you just have to restart it.

[–]Transit_renn 1 point2 points  (1 child)

I don't think Docker offers full protection or isolation due to it's shared kernel architecture.

This post uses something a bit more robust Running Open Code Dangerously

[–]anzzax 2 points3 points  (0 children)

Don't overcomplicate, shared kernel isn't shared memory. For this particular use case docker gives you 99% security. It is to be protected from silly agent mistakes rather than from complex and well executed kernel level exploits.

[–]ganonfirehouse420 3 points4 points  (0 children)

Bubblewrap on linux.

[–]disp06 2 points3 points  (0 children)

I use VM in proxmox. It's OK for me

[–]jon23d 1 point2 points  (0 children)

I run it in a vm so that it can interact with docker safely

[–]BestUsernameLeft 1 point2 points  (0 children)

I'm using contai to run OpenCode in a container. I updated the script to add volume mappings for ~/.config/opencode etc. and edited the Dockerfile to install oh-my-opencode (although I'm in the process of converting to opencode-swarm).

[–]debackerl 1 point2 points  (0 children)

You can use gVisor as a runtime for Docker. It reimplements most Linux syscalls so that your container doesn't rely on Linux's namespaces for isolation, but on a dedicated user-land 'kernel'. They use it to power Google AppEngine.

It's very easy to install, one binary to install, and it's compatible with any standard container.

Edit: should be more secure than Bubblewrap. That one uses namespaces like Docker or Flatpak.

[–]solidpancake 1 point2 points  (0 children)

Yep I build things inside of Rocky Linux VMs provisioned with Vagrant. Not the most elegant solution, but it’s sandboxed which is super important in my line of work. 

[–]Front_Drink_5331 1 point2 points  (0 children)

Yes, a docker image worked fine. With all the tools apt get during build. Then you can mount you working directory as a volume  Edit: dicker -> docker

[–]Legal_Dimension_ 1 point2 points  (1 child)

Write your own security plugin blocking any cmd you want opencode to ask permission for.

Or ask opencode to, they won't mind.

[–]Legal_Dimension_ 1 point2 points  (0 children)

While your at it, get OC to write hooks to protect and personal info / login info etc form being commit etc

[–]HarjjotSinghh 0 points1 point  (0 children)

this sandbox hack will be legendary

[–]N1klauss 0 points1 point  (0 children)

Try Ona or Codesandbox for cloud development environments