[wplug] Thu Jan 15, come see a talk in Pittsburgh about Sandstorm
Asheesh Laroia
asheesh at asheesh.org
Wed Jan 14 17:32:15 EST 2015
Hi all WPLUG people!
Sandstorm is an open source project, and a way to run web apps as
containers, gloriously sandboxed from each other, and moreover an interface
to install them easily and allow the user to create multiple instances of a
web app easily.
I'm part of the project, and one of the other contributors is giving a talk
tomorrow in Pittsburgh, so I wanted to share some details and express some
hope that WPLUG people might be able to come!
WHEN: Thu 1/15, 6:30pm-10pm
WHERE: ShowClix Headquarters, 650 Smithfield St., Pittsburgh, PA 15221
WHAT: David Renshaw talks about SandstormIO! Free event w/ craft beer & 2
other talks, part of the "Engibeer.in" series at the ShowClix office
RSVP: https://bit.ly/pghstorm
If you want to read a glossy page about how great Sandstorm is, and click
around to find details, visit: https://sandstorm.io/
If you want to read technical details that explain it in terms you'd
probably find much more interesting, here is a paragraph written by me that
is hopefully helpful and terse:
Sandstorm is a way to run web apps as containers, gloriously sandboxed from
each other, and moreover an interface to install them easily and allow the
user to create multiple instances of a web app easily. It intends to grow
features relating to:
* sharing instances of a web app -- so that an instance of a web app is as
easy to share with someone else as a Google Docs link, and
* features relating to supporting more network protocols -- so that apps
can safely communicate with the outside world over things like IRC, with
security features called the "Powerbox" ; see also
https://en.wikipedia.org/wiki/File_dialog#Powerbox .
It already has:
* the ability to install web apps that have been ported, which already a
seamless process of clicking a few times within the admin interface, and
* about 25 apps that have been ported, and
* a solid (and ever-strengthening story) for how porting an app to
Sandstorm removes entire categories of vulnerabilities, by emphasizing apps
only exposing static HTML to logged-out users, and using a random subdomain
when an admin is logged in so that an attacker doesn't know where to attack
even if there is a vulnerability, and
* a simple install script that you can use on a GNU/Linux server today --
https://github.com/sandstorm-io/sandstorm , and
* an online demo: https://demo.sandstorm.io/ , and
* an open source license (Apache 2.0) and growing community, and
* an IRC channel in freenode: #sandstorm
I hope that was not too self-promote-y -- I think it's the kind of thing
that WPLUG people might find interesting.
Let me know if you have any questions! And I hope people here can make time
to check out David's talk -- tell him "Asheesh says hi"!
-- Asheesh.
More information about the wplug
mailing list