Y
Hacker News
new
|
ask
|
show
|
jobs
by
AlexCoventry
74 days ago
Yeah, it's easy to vibecode and review a docker sandbox, too. If you run containers with
--runtime=runsc --cap-drop=ALL --security-opt no-new-privileges:true
it's pretty tight. That's how I use coding agents, FWIW.