Docker Sandbox
Every code execution node in NodeLoom runs inside an isolated Docker container with strict resource limits and security policies. This sandbox cannot be disabled from the frontend. It is enforced at the server level.
Server-enforced isolation
Affected Nodes
The following node types are executed inside the Docker sandbox. Any workflow that includes one of these nodes will automatically spin up an isolated container for each execution.
| Node Type | Description |
|---|---|
| Code | General-purpose code execution supporting multiple languages. |
| JavaScript | Runs JavaScript/Node.js code snippets. |
| Python | Runs Python scripts with access to common libraries. |
| Bash | Executes Bash shell scripts. |
| Shell | Executes shell commands in a POSIX-compatible shell. |
| Execute Command | Runs arbitrary system commands. |
Container Hardening
Each sandbox container is launched with a comprehensive set of security constraints. These are applied at the Docker level and cannot be overridden by user code.
Resource Limits
| Constraint | Purpose |
|---|---|
| CPU | Prevents a single execution from monopolizing CPU resources. |
| Memory | Hard cap on memory usage. Exceeding this kills the container. |
| Swap | Disabled to prevent memory overcommit. |
| PID limit | Caps the number of processes to prevent fork bombs. |
| Open files | Limits the number of file descriptors. |
| Processes | Limits the number of processes the user can spawn. |
| File size | Prevents writing excessively large files to disk. |
Security Policies
Each container runs with hardened security policies including privilege escalation prevention, a mandatory read-only root filesystem, network isolation, and non-root execution. These policies are enforced at the Docker level and cannot be overridden by user code or workflow configuration.
Output Truncation
Container output (stdout and stderr combined) is truncated at a configured limit to prevent memory exhaustion in the execution engine. If your code produces large output, write it to the tmpfs volume and read it back selectively.
SSH/SFTP Host Key Verification
When workflows connect to remote servers via SSH or SFTP, NodeLoom verifies the remote host key to protect against man-in-the-middle attacks. If the host key changes unexpectedly, the connection is rejected and an error is logged.
You can manage stored host keys from the credential management interface. For high-security environments, pre-load known host keys via the API before establishing connections.