HackerTrans
トップ新着トレンドコメント過去質問紹介求人

amsha

no profile record

投稿

Show HN: Ash, an Agent Sandbox for Mac

ashell.dev
16 ポイント·投稿者 amsha·4 か月前·15 コメント

コメント

amsha
·4 か月前·議論
Yeah, the underlying sandbox technology between Ash and CC is fundamentally different.

Ash is built on the Endpoint Security and Network Extension APIs. Together, they cover the full gamut of potential sandbox escapes, and it's a simple process to update sandbox rules while the sandboxed process is running.

Claude Code sandbox is built mainly on sandbox-exec, an older macOS sandbox technology. It works for filesystem and IO device control, but it can only filter network requests by IP address. CC uses an application-level network proxy as a workaround, but not every network client respects the HTTP_PROXY env variable it requires. There are other workarounds in CC sandbox for complex use cases (e.g. dangerouslyDisableSandbox) that Ash does not need.
amsha
·4 か月前·議論
Good idea about the GitHub stub repo, I've added it here: https://github.com/Ash-Sandbox/bugs.

Your feedback about permissions is something I'm working on fixing now. Apple requires multiple permissions for Endpoint Security and Network Extension APIs and the current setup process doesn't walk users through that process as elegantly as I would like it to.
amsha
·4 か月前·議論
Yeah I think that's a good point. I've added process-specific network access to the roadmap: https://github.com/Ash-Sandbox/bugs/issues/1
amsha
·4 か月前·議論
I'd be interested in seeing a breakdown in which ones use:

- VMs - Containers - sandbox-exec (macOS builtin tool) - Endpoint Security + Network Extension (AFAIK this is just Ash but it would be good to see company here)
amsha
·4 か月前·議論
Yeah I like the idea of allowing the sandbox to restrict network connections to specific processes. I'll put it on the roadmap: https://github.com/Ash-Sandbox/bugs/issues/1