▲ | RonaldOloo 6 days ago | |||||||
Hey everyone, one of the co-founders here(Ronald Oloo). Just wanted to add a bit more technical context for those interested. We chose Rust for this project for its performance and, more importantly, its safety guarantees. The long-term vision for Sphere's security relies on being able to build a truly minimal, secure sandbox, and Rust's memory safety is a huge part of that foundation. The dependency system right now is simple (it just uses a local JSON index), but it's designed to be the prototype for a future federated SphereHub. The goal is to avoid the centralized pitfalls of other package managers. We know it's a long road ahead to get to true chroot/namespace-level sandboxing, but we're excited about the architecture. Happy to dive into any technical questions about the implementation! | ||||||||
▲ | tuananh 4 days ago | parent [-] | |||||||
> it's a long road ahead to get to true chroot/namespace-level sandboxing but everyone is moving to microvm because namespace/cgroup is not enough. - GCP did with cloudrun v2 - aws did with firecracker - Microsoft use VM for wsl2 - Apple with microvm for their Apple Container | ||||||||
|