> The idea is that web apps could be built and distributed more like the smartphone ecosystem

have you ever heard about sandstorm?

it's moving slowly at this point due to originally having had plans to make money that didn't work out, but...

"a platform for individuals to install sandboxed web applications" sure sounds a lot like it

@Valenoern Yes, I was a backer. The idea is similar, but the approach and implementation are very different. I should write a full blog post but here's an old toot about Sandstorm:


@Valenoern I think it sounds like this project and Sandbox are not the same thing, but would have a lot to benefit from learning each other's techniques.

It sounds like @teleclimber has gone deeper into the process isolation bit than the Sandstorm team has, and Sandstorm has been more trusting with the deployed code, while going deeper on app integration and protection against third-party shenanigans.

@clacke @Valenoern I wrote more on Sandstorm since:


And yes I am learning as much as I can from that project.

I don't think Sandstorm is very trusting of deployed code at all! That's their strong point IMO.

@teleclimber @Valenoern Great post, thanks!

I remembered wrong exactly what Sandstorm did. As you explain in the post they did indeed use containers to isolate networks and more.

Still, adding a JS sandbox on top of that would seem to make it a lot less risky to dare run untrusted code.

@teleclimber Hmm, "I’m really glad Deno is here. It’s important to be able to run code that you can’t necessarily trust in an environment that limits what an attacker should do. We should have that for JS."

Wasn't that meant to be web browsers?

Anyways, best of luck!

@teleclimber Sorry if I came accross a little harsh in pointing out the irony.

I honestly do want to see a more secure sandbox for JavaScripty webapps! Hopefully our seperate efforts will help split the document Web & the apps Web, creating a better future for both!

@alcinnz I am talking about the server side of web-apps, not the client. Browsers are good sandboxes for a client, but I want give people the ability to deploy personal apps that respond to *incoming* requests on the internet.

Deno is good for that and CLI type programs, which browsers aren't suited for.

@teleclimber Ah, I get you!

I must say I'm not that pleased with browser sandboxing, but it's the status quo & they're trying to improve. I'm still curious to see what you manage to create!

@alcinnz Thank you!

Yes I see what you mean about the browser sandbox. It's fairly robust against the things it disallows, but it allows far too much.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!