sandboxing
Safeguard articles tagged "sandboxing" — guides, analysis, and best practices for software supply chain and application security.
22 articles
Why Node.js's vm module is not a security sandbox
Node's own docs warn the vm module isn't a security mechanism — vm2, built on top of it, still shipped two CVSS 9.8 sandbox escapes in 2023.
Preventing path traversal in Node.js file upload and serving code
path.join() doesn't stop ../../etc/passwd — CVE-2024-12905 and Zip Slip show why Node.js needs explicit containment checks, not just path normalization.
Detecting malicious postinstall scripts in npm packages
A 2025 phishing attack compromised 18 npm packages with 2.6 billion weekly downloads. Here's how postinstall scripts became npm's top attack vector.
Java SecurityManager is gone: a practical migration guide
JEP 411 deprecated the Security Manager in JDK 17; JEP 486 disabled it outright in JDK 24, released March 18, 2025. Here's how to migrate before it's removed for good.
Node.js vs Deno vs Bun: comparing their security models
Only one of the three major JavaScript runtimes denies system access by default — Node's permission model only went stable in v23.5.0, and Bun still has none.
How malicious PyPI packages steal cloud credentials at install time
A typosquat of a 200M-download SSH library stole AWS keys from 37,000 installs — before anyone imported it. Here's the install-time attack pattern.
When the Security Tool Is the Backdoor
CCleaner, tj-actions, and ua-parser-js show the same pattern: trusted tools with CI access became the attack, hitting 2.27M+ users and 23,000+ repos.
Vetting third-party agent skills before you install them
AI agent skill marketplaces run installed code with your full permissions and no sandboxing — VS Code's 2025 extension attacks show exactly how that gets abused.
Building Secure VS Code Extensions: A Developer's Guide
VS Code extensions run as trusted Node.js code with full disk and network access and no permission model to fall back on. Here is how to build one that does not become the next supply chain incident.
WebAssembly's security model: sandbox guarantees and the attack surface that remains
Two Critical Wasmtime sandbox-escape CVEs landed on the same day in April 2026 — proof that a wasm sandbox is only as strong as the runtime enforcing it.
Docker + MCP: Running MCP Servers in Containers Securely
MCP servers run with your credentials and your filesystem unless you say otherwise. Containerizing them with read-only mounts, dropped capabilities, and egress controls turns an open-ended trust grant into a bounded one.
gVisor vs Firecracker in 2026: Choosing a Sandbox for Untrusted Workloads
A side-by-side comparison of gVisor and Firecracker for sandboxing untrusted code in 2026, covering security model, performance, and operational complexity.