fence
Lightweight, container-free sandbox for running commands with network and filesystem restrictions.
The Lens
Fence sandboxes them without containers. It restricts network access and filesystem access at the OS level, so a rogue script can't phone home or delete your files.
What's free: Everything. Apache 2.0 license. Single Go binary, no dependencies, no account.
The value proposition is simplicity. Docker gives you isolation but requires the Docker daemon, images, and significant overhead. Fence is one binary. Run `fence <command>` and it executes with network and filesystem restrictions. That's it. For AI agent sandboxing, where you're running LLM-generated code and need guardrails, this is exactly the right weight class.
The catch: it's brand new and early-stage. Linux only (uses kernel namespaces and seccomp). No macOS or Windows support. The security model is narrower than a full container. It restricts network and filesystem but doesn't provide complete process isolation. For high-security use cases, you still want containers or VMs. For 'don't let this script access the internet or my home directory,' it's perfect.
Get tools like this every Wednesday
One featured tool, three on the radar. No fluff.
Free vs Self-Hosted vs Paid
fully free### What's Free Everything. Single binary, Apache 2.0 license. No paid tier, no cloud service, no telemetry.
### Total Cost $0. Download the binary, use it. No infrastructure, no accounts, no recurring costs.
### What It Replaces - **Docker** (free): Full container isolation but heavy -- daemon, images, networking setup. Fence is a single binary. - **Firejail** (free): Similar lightweight sandboxing for Linux. More mature but more complex. - **gVisor** (free): Google's application kernel. Stronger isolation but significant overhead. - **Firecracker** (free): AWS's microVM. Maximum isolation but requires KVM and more setup.
### The Trade-off Fence sits at the 'minimum viable sandbox' point. Less isolation than containers/VMs, dramatically less overhead. The right choice depends on your threat model -- are you protecting against accidental damage or deliberate exploitation?
Completely free. One binary, zero infrastructure. The lightest-weight sandbox you'll find.
About
- Stars
- 719
- Forks
- 28
Explore Further
More tools in the directory
openclaw
Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞
370.3k ★claw-code
The repo is finally unlocked. enjoy the party! The fastest repo in history to surpass 100K stars ⭐. Join Discord: https://discord.gg/5TUQKqFWd Built in Rust using oh-my-codex.
190.9k ★n8n
Fair-code workflow automation with native AI capabilities
187.3k ★