HN Reader

Racing airplane design for a concept art of a fictional aerial world (instagram.com)

1 points by epicusdraw 4m ago 0 comments

Ask HN: What tool, tech or process in front-end dev would you improve/change?

1 points by herol3oy 4m ago 0 comments

Connecting SharePoint and Microsoft OneDrive to ChatGPT Deep Research (help.openai.com)

1 points by gfortaine 6m ago 0 comments

CoCalc HTTP-Proxy-3 (npmjs.com)

1 points by BlaecBejarano 6m ago 1 comments

Email domain to tell everyone that you use Vim editor (iusevimbtw.com)

1 points by zhisme 6m ago 0 comments

Auction to Dine with Trump Creates Foreign Influence Opportunity (nytimes.com)

1 points by ChrisArchitect 6m ago 1 comments

Two Months in Servo: CSS Nesting, Shadow DOM, Clipboard API, and More (servo.org)

1 points by todsacerdoti 7m ago 0 comments

Understanding customers: it starts with specificity, not generality (doinghandstands.substack.com)

1 points by newsinsposhare 7m ago 0 comments

HealthBench (openai.com)

1 points by mfiguiere 8m ago 0 comments

Chegg to lay off 22% of workforce as AI tools shake up edtech industry (reuters.com)

3 points by speckx 12m ago 1 comments

Tables for Layout? Absurd. (2017) (thehistoryoftheweb.com)

1 points by ArinaS 14m ago 0 comments

iOS 18.5 (macrumors.com)

1 points by tosh 15m ago 0 comments

Intro to Autograd Engines: Karpathy's Micrograd Implemented in Go (nathan.rs)

1 points by nathan-barry 15m ago 1 comments

Visual Studio Code beefs up AI coding features (infoworld.com)

1 points by aard 16m ago 0 comments

WebKit Features in Safari 18.5 (webkit.org)

1 points by feross 18m ago 0 comments

Ask HN: How should we version our models?

2 points by joshdavham 20m ago 1 comments

Show HN: The missing inbox for GitHub pull requests (github.com)

1 points by pvcnt 21m ago 0 comments

Germ-theory skeptic RFK Jr. goes swimming in sewage-tainted water (arstechnica.com)

3 points by rntn 21m ago 1 comments

Hunyuan-TurboS: the first ultra-large Hybrid-Transformer-Mamba MoE model (twitter.com)

1 points by tosh 23m ago 0 comments

Access to the United States' President for Sale via Meme Coin (mastodon.social)

10 points by doener 24m ago 4 comments

Show HN: Running C code inside of Scratch – proof-of-concept (github.com)

1 points by QuantumTaco74 28m ago 0 comments

My Superbooth 2025 Experience (blog.orhun.dev)

2 points by orhunp_ 30m ago 0 comments

U.S. Nuclear Emergency Support aircraft touched down in Pakistan (thecommunemag.com)

3 points by rustoo 32m ago 0 comments

Thanks to Trump, OpenAI is struggling to get its Stargate project off the ground (neowin.net)

1 points by bundie 33m ago 0 comments

An update on the OSU-OSL funding situation (discourse.osgeo.org)

2 points by zinekeller 36m ago 0 comments

DuckDB: H3 (duckdb.org)

1 points by tosh 40m ago 0 comments

Create a new type of PKM for everyone (vetis.ai)

1 points by AiVetis 45m ago 0 comments

Several conferences relocate north of the border as Canadians refuse U.S. travel (cbc.ca)

2 points by colinprince 46m ago 0 comments

Show HN: C1 – an OpenAI-compatible LLM API that renders real UI instead of md

1 points by rabisg 49m ago 0 comments

Linux Kernel Exploitation Series (r1ru.github.io)

1 points by hkopp 52m ago 0 comments

Rescission of Recordkeeping on Restricted Pesticides by Certified Applications (federalregister.gov)

2 points by impish9208 52m ago 0 comments

Byte Latent Transformer: Patches Scale Better Than Tokens (arxiv.org)

4 points by dlojudice 55m ago 1 comments

Hacker News Dark Mode (Chrome Extension) (chromewebstore.google.com)

2 points by michalpleban 56m ago 1 comments

The USA's First Pope (amazingfacts.org)

1 points by afaxwebgirl 56m ago 1 comments

Cartwheel Robotics Wants to Build Humanoids That People Love (spectrum.ieee.org)

1 points by purpleko 56m ago 0 comments

Show HN: UsePRD-Plan new features with full codebase context- drop into Cursor (useprd.com)

1 points by hotrod46 58m ago 1 comments

A new type of AI is helping police skirt facial recognition bans (technologyreview.com)

2 points by gnabgib 59m ago 1 comments

Combine Hash and Limited Preimage Data to Improve Security of Password Hash (github.com)

1 points by Edmond 59m ago 0 comments

Why Magician David Blaine Fasts for Days Before His Shows (wsj.com)

1 points by elsewhen 1h ago 1 comments

Ask HN: Can On-device AI solve projected energy crisis?

1 points by vkkhare 1h ago 1 comments

Fingers wrinkle in the same pattern every time (binghamton.edu)

1 points by geox 1h ago 0 comments

Perplexity wrapping talks to raise $500M at $14B valuation (cnbc.com)

1 points by mfiguiere 1h ago 1 comments

If Everyone Has Trauma, Everyone Has Trauma (freddiedeboer.substack.com)

3 points by paulpauper 1h ago 0 comments

I hacked a dating app (and how not to treat a security researcher) (alexschapiro.com)

148 points by bearsyankees 1h ago 55 comments

At least five interesting things: Requiem for capitalism edition (#63) (noahpinion.blog)

1 points by paulpauper 1h ago 0 comments

Show HN: Shorts Stopper – Block YouTube Shorts on Safari iOS (apps.apple.com)

1 points by abyesilyurt 1h ago 0 comments

We built AI-powered Root Cause Analysis that works (coroot.com)

2 points by ekiauhce 1h ago 0 comments

Microsoft shares rare look at Windows 11 Start menu designs it explored (windowscentral.com)

1 points by taubek 1h ago 1 comments

How the Net Was Won – University of Michigan Heritage Project (heritage.umich.edu)

1 points by rbanffy 1h ago 0 comments

The Internet 1997 – 2021 (opte.org)

2 points by smusamashah 1h ago 0 comments

Sandbox: Linux tool to create lightweight COW sandboxes to run stuff in

3 anoek 1 5/12/2025, 3:06:44 PM github.com ↗

Comments (1)

anoek · 2h ago
With the rise of things like AI agents wanting to run commands on my computer, I wanted a way to let them do that but in a safe environment. `sandbox` is a tool that utilizes built in Linux features like namespaces and OverlayFS to create essentially a container that looks and feels pretty much identical to my host machine, but any changes made are done in a staging area that I can later accept or reject changes from. There's also a crude network on/off toggle so if I'm running something I don't trust not to send data off to malicious actor, I can sandbox it without network access.

While my own use case primarily revolves around letting AI agents run amok in their own sandboxes, it's meant to be general purpose and I could see it being useful for some development tasks like testing file migrations or other file management tasks where you want to snapshot and discard frequently. Another use case I'll be using it for is to vet installing things from whatever trendy shell based installer that expects you to curl pipe a shell script into sudo bash, and in general running things I don't fully trust not to inadvertently mess something up on my computer.

This is the initial public release. I've been using it internally for a couple of months now and I think I have most of the serious issues squashed, but I'm sure there are some issues and many improvements to be made, feedback and bug reports are appreciated.