#gvisor — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #gvisor, aggregated by home.social.
-
looks like #Google #gVisor containers are safe from #Copyfail:
Traceback (most recent call last):
File "<stdin>", line 9, in <module>
File "<stdin>", line 5, in c
File "/usr/lib/python3.13/socket.py", line 233, in __init__
_socket.socket.__init__(self, family, type, proto, fileno)
~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
OSError: [Errno 97] Address family not supported by protocol
cloudshell@cloudshell:~$
-
#GVisor supports only x86_64, arm64 yet they claim they run everywhere. #Sydbox passes tests on x86_64, i686, x32, arm64, armv7, ppc64, ppc64le, ppc, s390x, loongarch64, mips64el, and mipsel but I won't claim we are portable until we have mips64, mips, m68k and sparc! Huge thanks to Compile Farm people for enabling us to test Syd on various different architectures! #exherbo #linux #security
-
If you think TOCTOUs are a thing of the past, think again: https://github.com/google/gvisor/commit/2a22300877d552c8e2e228e6ad919e5eda34cb11 #gvisor #linux #security
-
Disclosing a cross-tenant container isolation failure in Google Gemini's code_execution API sandbox.
Submitted to Google VRP on March 19 (ticket #493931439). Closed five times across 25 comments by the same triage handler citing "hallucination," "intended behavior," and a redirect to the gVisor open-source project. No technical engagement on any confirmed primitive. Published the full report and evidence on April 8 after exhausting the VRP process.
Confirmed across three independent Google accounts:
— /proc/<pid>/environ reads from foreign sessions, returning the complete environment of other tenants' processes including INTERPRETER_CALLBACK_SOCKET, INTERPRETER_POLL_CALLBACK, and full session configuration. Verified with raw \x00 null bytes across five consecutive clean runs.
— /proc/<pid>/mem ELF header reads from foreign processes.
— Writes to foreign session control scripts (/tmp/icb<id>/poll, cb.sock).
— Identical BOOT_ID across three independent Google accounts, confirming shared physical container.
— Session ID collisions across independent API users.
— ptrace(PTRACE_ATTACH) = 0 on PID 12, the root RPC process holding live authenticated Stubby/Borg file descriptors. Seccomp disabled. Full capabilities present.
— Shared PID, network, IPC, mount, and UTS namespaces across sessions, verified via /proc/<pid>/ns inode comparison.
The architectural issue: the API path provides near-zero isolation between independent tenants on the same physical container, while the Gemini UI path properly isolates namespaces. The disparity is the core finding.
Full 42-page technical report, evidence extracts, screenshots, ticket history, and reproduction steps:
https://github.com/Mo7ammedMajdy/gemini-sandbox-isolation-failure
-
#gVisor recently got its own #ASLR implementation. OTOH, #Sydbox uses ASLR provided by the #Linux #kernel and enforces PIE executables. #HardenedBSD has a sysctl to enforce PIE as well: https://man.exherbo.org/syd.7.html#Enforcing_Position-Independent_Executables_(PIE) #exherbo #linux #security
-
👀 So, here's 18 minutes of pure geeky bliss where we pretend #sandboxing is as thrilling as bungee jumping. 🏗️ Let's endlessly list things like namespaces, #cgroups, and #gVisor while forgetting that 99% of readers are now asleep. 😴 Keep your kernels close, folks, because apparently, they’re the rockstars of this yawn-fest. 🎸
https://www.shayon.dev/post/2026/52/lets-discuss-sandbox-isolation/ #geekybliss #techhumor #HackerNews #ngated
-
To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
-
Would you be interested in cooperating to build the next #dangerzone #flatpak #snap #ai/#gpu #rustlang #sandbox (insert-hype-here) based on #sydbox rather than #bubblewrap #firejail #snap-confine #gvisor (insert-sandbox-here)? We have #sydbox the application kernel, pandora the automatic profile writer, and syd-tui as a basic tui frontend using #ratatui, however we lack more practical tooling for wider adoption. Dreams, ideas, plans, all sorts of feedback, and contributions are equally welcome!
-
#AIAnToan #Sandboxing #KhoaHocDuLieu #AIQuanLy
Limiting the autonomous behaviour of AI agents through sandboxing: the article analyses the risks of uncontrolled tool access, network/system exposure, and solutions such as Docker, Firecracker and gVisor. Learn how to optimise safety in your product.
#AIUnsafe #AnToanCongNghe #QuanLyAI #Container #MicroVM #GVisor #DevOps #Cybersecurity
https://www.reddit.com/r/programming/comments/1po8ar9/sandboxing_ai_agents_practical_ways_to_limit/
-
Never trust other people's benchmarks: For #sydbox benchmarks are run in CI with different profiles over #git compilation. #gvisor is also used with ptrace and systrap backends to have a solid ground to compare against. Unlike the unrealistic getpid benchmark which gvisor devs use in their blogpost to justify systrap is noticeably faster, our benchmark claims the opposite. This on its own proves nothing but it's enough reason to be skeptical about benchmarks. #exherbo #linux https://builds.sr.ht/~alip/job/1587917#task-bench
-
Wrote some learning about #gVisor https://blog.yelinaung.com/posts/gvisor/
-
Well, that's a bit of a letdown. I upgraded my machines to Talos 1.8.0 and gvisor broke. Probably due to containerd v2. Thankfully, someone already noticed that a while back and it seems to be an upstream issue.
-
We’re kicking off a new blog series with a deep dive into our recent #gVisor integration, introduced in Dangerzone 0.7.0.
In collaboration with the gVisor team, this post explains how we’ve enhanced Dangerzone’s security with a stronger sandbox.
If you use containers to secure your application, make sure not to miss this one!
-
Yet another #benchmark, this time featuring compilation of #postgresql under #sydbox and #gvisor, shows #sydbox has a small ~10% overhead compared to ~55% of #gvisor: https://bpa.st/raw/45CQ Thanks to #gentoo developer Patrick Lauer for conducting the benchmark! Choose your #sandbox wisely ;) #exherbo
-
#sydbox-3.24.4 is released! This concludes our #optimization work for the past releases, bringing #sydbox' overhead to 15%-17%. This is a respectable improvement in comparison to, e.g. #gvisor which comes with a 40%-80% overhead. Check out the benchmarks in the release mail and choose your #sandbox wisely ;) https://is.gd/NYkDiQ #exherbo
-
Reading the ambitious roadmap of #GrapheneOS, I get the impression that this might become the most secure and #privacy-respecting platform that also overlaps with many classic desktop use-cases and desktop OS. 🤔
https://grapheneos.org/faq#roadmap
#Android #Linux #kernel #microkernel #virtualization #isolation #hypervisor #sandboxing #gVisor #KVM #TEE #security
-
#sydbox is now faster than #gvisor! A funny #optimization story: https://news.ycombinator.com/item?id=41228244
-
Looking forward to migrating my Kubernetes setup to a micro-vm environment:
https://github.com/siderolabs/extensions/pull/434
Already started to run pods in gvisor and now moving to KVM-based gvisor runtime, will be even more fun.
-
> The foundation of #nabla containers lies in three main components: rumpkernel, solo5, and runnc.
There is an interesting intersection between the approaches of this thing, #binctr, #gvisor and other mixes of virtualization and containerization, both from the artifact/distribution perspective and from the isolation perspective. I wonder where the consensus (if any) will end up in a few years.
runnc, like the others listed above, is an OCI image runner.
blog.cloudkernels.net/posts/na…
-
#gVisor: systrap actually outperforms kvm in a syscall microbenchmark? This is on baremetal...
systrap: ~8s
ptrace: ~121s (lmfao)
kvm: ~15s (benchmark is just "perf bench syscall basic", which runs 10000000 getppid() calls, on Alpine Linux)
-
Linux Containers vs Google #gVisor vs Amazon #Firecracker...