https://code.claude.com/docs/en/sandboxing says they integrated bubblewrap (linux/windows), seatbelt (macos) and give an error if sandbox can't be supported so appears to be real.

▲

throwaway6734 12 hours ago | parent [-]

https://docs.docker.com/ai/sandboxes/ Any idea on how that compares to this docker feature in development?

	▲	figmert 10 hours ago \| parent [-]
		Docker containers use cgroups and namespaces etc (the usual kernel level isolation) Docker sandboxes use microvms (i.e. hardware level isolation) Bubblewrap uses the same technology as containers I am unsure about seatbelt.