Hacker News | aflag's comments

I thought Ubuntu did that, but not Debian. Still, that's very different than what the author mentioned.

Oh you might be right about Ubuntu vs Debian.. but I'm right about everything else I said. I went and looked at the source code.

I don't know if I want to create an ad-hoc list of permissions. What I would like would be something like take a snapshot of my current workspace in a VM. Run claude there and let it go wild. After the end of the session, kill the box. The only downside is potentially syncing the claude sessions/projects. But I don't think that'd be too difficult.


I recently blogged about how I do this using MicroVMs on NixOS: https://michael.stapelberg.ch/posts/2026-02-01-coding-agent-...


> take a snapshot of my current workspace in a VM. Run claude there

Sounds like docker + overlayfs might fit the bill, as long as there's a base image that is close enough to what you need.

I don't think there should be One True Way how to run these, everyone can set it up in a way that best fits their workflow.


both Docker and bubblewrap are not secure sandboxes. the only way to have actually isolated sandboxes is by using VMs

disclaimer: i work on secure sandboxes at E2B


No disagreement from me. From the article:

> Bubblewrap and Docker are not hardened security isolation mechanisms, but that's okay with me.

Edit to add: my understanding is the major flaw in this approach is potential bugs in the Linux kernel that would allow sandbox escape. Would appreciate your insight if there are some easier/more probable attack vectors.


What about cgroups? I know they are not exactly analogous, but to me that seems like a pretty decent solution.


Do you have more information on how to set up such VMs?


for personal use, many ways: Vagrant, Docker Sandbox, NixOS VMs, Lima, OrbStack.

if you want multi-tenant: E2B (open-source, self-hosted)


HashiCorp has mostly abandoned Vagrant, so I'd avoid it.


> What I would like would be something like take a snapshot of my current workspace in a VM.

Sounds like you may be interested in Qubes OS, which runs everything in VMs.


Ask the agent to bubblewrap itself


In the UK we move forward at 1am and they go backward at 2am. Doing it at midnight adds the extra complexity that now the day is different. Doing it in the early morning doesn't change the day.

My guess is that in the US they do the same but shifted by one.


It's hard to pinpoint what creativity is. But in your example, the more creative thing was really coming up with the scenario of pigeons selling balconies as real estate. What followed was just applying usual tropes for that sort of joke on the subject matter. I feel like LLMs are not very good at coming up with something novel. I'm not even sure they are capable of that. It's not as if coming up with something novel is easy for humans either.


Plus, a lot of people are generating hallucination and believing that is invoking creativity. I contend the outputs/generations are junk, but human creativity and human comprehension step in and create meaning to the hallucination.


Existing is just a point in time


I'd rather commute than WFH. So yeah, people do. Maybe not all the people, but certainly some people.


They can't because they aren't, right? That's the whole point of having them not expiring. Until you use them, you can still get your money back in some situations.


Also, most of us are about average.


True, but most companies are also average, so it ends up cancelling out.


I don't want more time having meaningful conversations with human bosses. I just want to have a normal interview.

