Sandbox Isolation

Understanding how FactorySandbox isolates your code execution environments.

Isolation Layers

FactorySandbox uses multiple layers of isolation to ensure that your code runs safely and cannot affect other sandboxes or the host system.

How Docker Requests Run

Your Docker client talks to FactorySandbox as a remote Docker endpoint. FactorySandbox terminates the Docker Engine API in the service layer, authenticates the bearer token, and translates supported Docker API operations into commands that create, inspect, stream logs from, and remove sandboxes on remote runtime servers.

Those sandboxes are backed by Docker containers running with the Kata Containers runtime. Kata adds a lightweight virtual machine boundary around each workload, so untrusted code is separated from the host and from other customer workloads while still preserving the Docker CLI model where it applies.

Compatibility Goal

FactorySandbox aims for Docker compatibility where the Docker API maps cleanly to remote, isolated sandbox execution. Common lifecycle and inspection commands should behave like Docker, while host-level features that would break isolation may be unsupported or constrained.

Process Isolation

Each sandbox runs in its own isolated process namespace. Processes inside a sandbox cannot see or interact with processes outside of it.

Filesystem Isolation

Sandboxes have their own filesystem that is completely separate from the host and other sandboxes. Changes to files are ephemeral by default.

Network Isolation

Network access is disabled by default. When enabled, you can control which hosts and ports the sandbox can connect to.

Resource Limits

CPU, memory, and disk usage are strictly limited. Sandboxes cannot consume more resources than allocated, preventing DoS attacks.

Security Model

Our security model follows defense-in-depth principles:

  • Least privilege - Sandboxes start with minimal permissions
  • Immutable infrastructure - Base images are read-only and verified
  • Audit logging - All actions are logged for security review
  • Regular updates - Security patches are applied automatically

What Can Run in a Sandbox

Allowed

  • Execute arbitrary code
  • Read and write files in the sandbox
  • Install packages
  • Run background processes
  • Make network requests (if enabled)

Not Allowed

  • Access host filesystem
  • See other sandboxes
  • Modify system configuration
  • Mount devices
  • Escalate privileges
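
One way to check the "least privilege" and "Not Allowed" statements above from inside a sandbox is to audit the privilege fields the kernel reports in /proc/self/status. This is an added example, not FactorySandbox code: the function names and the two sample dumps are constructed for illustration, and the page does not state what values a real sandbox reports.

```python
"""Audit /proc/<pid>/status text for privilege indicators (added example)."""
import re

# Capability bit numbers from linux/capability.h that allow host-style
# administration: mounting, module loading, raw I/O, tracing other processes.
HIGH_RISK_CAPS = {
    12: "CAP_NET_ADMIN",
    16: "CAP_SYS_MODULE",
    17: "CAP_SYS_RAWIO",
    19: "CAP_SYS_PTRACE",
    21: "CAP_SYS_ADMIN",
    39: "CAP_BPF",
}

# Constructed samples, not output captured from FactorySandbox.
RESTRICTED = "Name:\tsh\nCapEff:\t00000000a80425fb\nNoNewPrivs:\t1\nSeccomp:\t2\n"
PRIVILEGED = "Name:\tsh\nCapEff:\t000001ffffffffff\nNoNewPrivs:\t0\nSeccomp:\t0\n"


def parse_status(text):
    """Return the 'Key: value' fields of a /proc/<pid>/status dump as a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def audit_status(text):
    """Return a sorted list of findings; an empty list means nothing was flagged."""
    fields = parse_status(text)
    cap_eff = fields.get("CapEff", "")
    if not re.fullmatch(r"[0-9a-fA-F]{1,16}", cap_eff):
        return ["CapEff missing or malformed: cannot assess privileges"]
    mask = int(cap_eff, 16)
    findings = [f"effective capability {n}" for b, n in HIGH_RISK_CAPS.items() if mask >> b & 1]
    if fields.get("NoNewPrivs") != "1":
        findings.append("no_new_privs not set: setuid binaries can raise privileges")
    if fields.get("Seccomp", "0") == "0":
        findings.append("seccomp disabled: no syscall filter on this process")
    return sorted(findings)


if __name__ == "__main__":
    # Inside a sandbox, audit the live process instead of the samples.
    with open("/proc/self/status") as fh:
        for finding in audit_status(fh.read()) or ["nothing flagged"]:
            print(finding)
```

With a VM-backed runtime such as Kata, these fields describe the process as seen by the guest kernel, so they show how much privilege the workload holds inside the VM boundary rather than on the host.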