Hacker News new | past | comments | ask | show | jobs | submit login

Docker containers probably aren’t enough isolation. But throw some firecrackervm in the pot and you’ve got a stew going.



Repl.it uses Docker containers too, only recently started work on moving to better isolation mechanisms like VMs


At replit every repl is indeed a docker container, but that is absolutely not the primarily isolation mechanism. Here’s a comment from CEO @amasad to that effect in 2019 (so, even more secure now I am certain) https://news.ycombinator.com/item?id=19215175


I'm using https://github.com/live-codes/livecodes to just move it all completely into the client with a replit-like alternative thing we're working on




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: