pancake :radare2: on Nostr: TIL Docker v4.58+ have the `sandbox` subcommand to run commands with restricted ...
TIL Docker v4.58+ have the `sandbox` subcommand to run commands with restricted filesystem access, ideal for running coding agents in yolo mode (or any other software you can't trust like ghidra or ida)
Published at
2026-03-23 12:20:33 UTCEvent JSON
{
"id": "9a32eb0bffc56af67e23c237a84cee3de3e0d8aa795ca53dc00bceb5bfd64302",
"pubkey": "ccca24c1e7c8dc9068b0c0f6ed38670d995d42c6f9ed5fdcc725baa0e39da1a6",
"created_at": 1774268433,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/@pancake/116278456057632950",
"web"
],
[
"proxy",
"https://infosec.exchange/users/pancake/statuses/116278456057632950",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/pancake/statuses/116278456057632950",
"pink.momostr"
],
[
"-"
]
],
"content": "TIL Docker v4.58+ have the `sandbox` subcommand to run commands with restricted filesystem access, ideal for running coding agents in yolo mode (or any other software you can't trust like ghidra or ida)",
"sig": "85f71a8054424c3149ae9e3d1a68c8fc5b17a6a07cbcb86ceb4b2d302a7805ca7dda57c1faa6c98b1e2bf8fc799db27f9b2d0be46edea215b257a8613e689475"
}
