Support the Apple Container tool for sandboxing

Open ptone opened this issue 1 month ago • 0 comments

What would you like to be added?

Apple has produced a new tool at https://github.com/apple/container to manage OCI containers using a lightweight VM and a small Linux kernel per running container.

The CLI tool is largely compatible with the Docker command for image management.

Why is this needed?

Sandboxing and security continue to be a primary concern of users who want to apply the CLI to production uses. The existing macOS Seatbelt sandboxing is relatively difficult to administer, and does not allow shared organizational investment in things like custom dev containers.

Additional context

An initial implementation is available in https://github.com/ptone/gemini-cli/tree/apple-container-sandbox

A PR is to be opened after some initial internal review.

ptone, Dec 08 '25 19:12