Sandboxing
Isolating code execution for security.
Overview
Sandboxing restricts what code can do when executed by agents:
- File system access
- Network access
- System commands
- Resource limits
Configuration
```json5
{
  sandbox: {
    enabled: true,
    type: "docker", // docker, firejail, none
    limits: {
      memory: "512MB",
      cpu: "1",
      timeout: 30000
    }
  }
}
```
Sandbox Types
Docker (Recommended)
Uses Docker containers for isolation:
```json5
{
  sandbox: {
    type: "docker",
    image: "openclaw/sandbox:latest"
  }
}
```
Firejail (Linux)
Uses Firejail for lightweight sandboxing:
```json5
{
  sandbox: {
    type: "firejail",
    profile: "default"
  }
}
```
File System Restrictions
```json5
{
  sandbox: {
    filesystem: {
      readOnly: ["/"],
      readWrite: ["/tmp", "~/.config/openclaw/workspace"],
      hidden: ["/etc/passwd", "~/.ssh"]
    }
  }
}
```
Network Restrictions
```json5
{
  sandbox: {
    network: {
      enabled: false, // Disable network
      allowedHosts: [] // Or whitelist hosts
    }
  }
}
```
Resource Limits
```json5
{
  sandbox: {
    limits: {
      memory: "512MB",
      cpu: "1",
      processes: 10,
      timeout: 30000 // ms
    }
  }
}
```
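The following is an added example, not OpenClaw's own code: it reviews a parsed sandbox configuration for weak settings (sandboxing disabled or `type: "none"`, network enabled with no `allowedHosts`, missing or loose `limits`) and evaluates the `filesystem` policy for a requested path. It uses only the keys shown on this page. Everything else is an assumption made for the example: the config is already parsed from JSON5 into a dict (the Python standard library has no JSON5 parser), the review thresholds are constructed values, a missing `network` section is treated as network allowed, and `hidden` is given precedence over `readWrite`, which in turn beats `readOnly`. Whether OpenClaw itself resolves overlapping filesystem entries that way is not stated on the page.

```python
# Added example, not OpenClaw's own code. Lints a parsed sandbox config for
# weak settings and classifies a path under the filesystem policy.
# Assumptions: config already parsed from JSON5 into a dict; thresholds and
# the precedence hidden > readWrite > readOnly are this example's choices.
import os
import re
from typing import Any

_SIZE_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}


def parse_size(text: str) -> int:
    """Convert a size string such as "512MB" into a byte count."""
    m = re.fullmatch(r"\s*(\d+)\s*([KMG]?B)\s*", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(m.group(1)) * _SIZE_UNITS[m.group(2).upper()]


# Review thresholds (constructed for this example); anything looser is flagged.
MAX_MEMORY = 2 * 1024 ** 3        # 2 GB
MAX_CPU = 4.0
MAX_TIMEOUT_MS = 5 * 60 * 1000    # 5 minutes


def lint_sandbox(config: dict[str, Any]) -> list[str]:
    """Return a list of findings describing risky sandbox settings."""
    sb = config.get("sandbox", {})
    findings: list[str] = []
    if not sb.get("enabled", False):
        findings.append("sandbox.enabled is not true: agent code runs unconfined")
    if sb.get("type", "none") == "none":
        findings.append("sandbox.type is 'none': no isolation backend selected")
    # Assumption: an absent network section means the network is allowed.
    net = sb.get("network", {"enabled": True})
    if net.get("enabled", True) and not net.get("allowedHosts"):
        findings.append("network enabled without allowedHosts: unrestricted egress")
    limits = sb.get("limits", {})
    if "memory" not in limits:
        findings.append("limits.memory missing")
    elif parse_size(limits["memory"]) > MAX_MEMORY:
        findings.append(f"limits.memory {limits['memory']} exceeds {MAX_MEMORY} bytes")
    if "cpu" not in limits:
        findings.append("limits.cpu missing")
    elif float(limits["cpu"]) > MAX_CPU:
        findings.append(f"limits.cpu {limits['cpu']} exceeds {MAX_CPU}")
    if "processes" not in limits:
        findings.append("limits.processes missing: process count is not capped")
    if "timeout" not in limits:
        findings.append("limits.timeout missing: runaway commands are never stopped")
    elif limits["timeout"] > MAX_TIMEOUT_MS:
        findings.append(f"limits.timeout {limits['timeout']} ms exceeds {MAX_TIMEOUT_MS} ms")
    return findings


def _norm(path: str) -> str:
    """Expand ~ and normalise so prefix checks cannot be dodged with '..'."""
    return os.path.normpath(os.path.expanduser(path))


def _under(path: str, root: str) -> bool:
    """True if the (normalised) path is root itself or lies beneath it."""
    root = _norm(root)
    return path == root or path.startswith(root.rstrip(os.sep) + os.sep)


def path_access(fs: dict[str, Any], path: str) -> str:
    """Classify a path as 'hidden', 'read-write', 'read-only' or 'denied'.
    Precedence (this example's choice): hidden beats readWrite beats readOnly."""
    p = _norm(path)
    for key, label in (("hidden", "hidden"), ("readWrite", "read-write"),
                       ("readOnly", "read-only")):
        if any(_under(p, root) for root in fs.get(key, [])):
            return label
    return "denied"


# Constructed sample configs: a weak one, and one built from the values on this page.
WEAK_CONFIG = {"sandbox": {"enabled": True, "type": "none",
                           "network": {"enabled": True, "allowedHosts": []},
                           "limits": {"memory": "8GB", "cpu": "8"}}}

HARDENED_CONFIG = {"sandbox": {
    "enabled": True, "type": "docker", "image": "openclaw/sandbox:latest",
    "filesystem": {"readOnly": ["/"],
                   "readWrite": ["/tmp", "~/.config/openclaw/workspace"],
                   "hidden": ["/etc/passwd", "~/.ssh"]},
    "network": {"enabled": False, "allowedHosts": []},
    "limits": {"memory": "512MB", "cpu": "1", "processes": 10, "timeout": 30000}}}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, lint_sandbox(cfg) or ["no findings"])
    fs = HARDENED_CONFIG["sandbox"]["filesystem"]
    for p in ("/tmp/out.txt", "/etc/passwd", "/tmp/../etc/passwd", "/usr/bin/ls"):
        print(p, "->", path_access(fs, p))
```

Running the script reports six findings for the weak config and none for the hardened one; the path check shows why paths are normalised before matching, since `/tmp/../etc/passwd` resolves to the hidden `/etc/passwd` rather than to the writable `/tmp` tree.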