Whatever Happened to Sandboxfs?
a year ago
- #macOS
- #sandboxing
- #Bazel
- sandboxfs was developed to improve Bazel's sandboxing performance on macOS by replacing slow symlink forests with a virtual file system.
- The project aimed to reduce sandbox creation overhead by using an in-memory manifest and RPC to manage file hierarchies efficiently.
- Despite initial promise, sandboxfs faced challenges including performance issues, kernel bugs, and ecosystem changes like Apple deprecating kernel extensions and OSXFUSE going closed source.
- The author learned valuable lessons about Rust, FUSE, and file systems but ultimately abandoned the project due to insurmountable obstacles.
- The need for efficient sandboxing in Bazel remains, especially for macOS users, but the benefits are less clear with the rise of remote execution.