Date: 2025-10-15
Security model
The Sandbox SDK is built on Containers, which run each sandbox in its own VM for strong isolation.
Each sandbox runs in a separate VM, providing complete isolation:
- Filesystem isolation - Sandboxes cannot access other sandboxes' files
- Process isolation - Processes in one sandbox cannot see or affect others
- Network isolation - Sandboxes have separate network stacks
- Resource limits - CPU, memory, and disk quotas are enforced per sandbox
For complete security details about the underlying container platform, see Containers architecture.
All code within a single sandbox shares resources:
- Filesystem - All processes see the same files
- Processes - All sessions can see all processes
- Network - Processes can communicate via localhost
For complete isolation, use separate sandboxes per user:
Always validate user input before using it in commands:
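One way to do this validation for a user-supplied file path, as an added example that is not from the original page or the Sandbox SDK. `WORKSPACE`, `validateRelativePath`, `shellQuote`, `buildCatCommand` and `rejectionReason` are hypothetical names, and the returned string is what would be passed to the sandbox's command execution call.

```typescript
// Added example: these helpers are hypothetical and not part of the Sandbox SDK.
// WORKSPACE is an assumed directory inside the sandbox.
const WORKSPACE: string = "/workspace";

// Allowlist for one path segment: letters, digits, dot, underscore, hyphen.
const SAFE_SEGMENT: RegExp = /^[A-Za-z0-9._-]{1,128}$/;

// Reject, rather than silently rewrite, anything outside the allowlist.
function validateRelativePath(input: string): string {
  if (input.length === 0 || input.length > 512) {
    throw new Error("path length out of range");
  }
  const segments: string[] = input.split("/");
  for (const seg of segments) {
    if (!SAFE_SEGMENT.test(seg)) throw new Error("disallowed characters in path");
    if (seg === "." || seg === "..") throw new Error("path traversal segment");
    if (seg.charAt(0) === "-") throw new Error("segment looks like an option");
  }
  return segments.join("/");
}

// POSIX single-quote quoting, as defence in depth if the allowlist is widened.
function shellQuote(arg: string): string {
  if (arg.indexOf("\u0000") !== -1) throw new Error("NUL byte in argument");
  return "'" + arg.replace(/'/g, "'\\''") + "'";
}

// Build the command string that would be handed to the sandbox to execute.
function buildCatCommand(userPath: string): string {
  const rel: string = validateRelativePath(userPath);
  return "cat -- " + shellQuote(WORKSPACE + "/" + rel);
}

// Returns the rejection reason, or null when the input is accepted.
function rejectionReason(userPath: string): string | null {
  try {
    buildCatCommand(userPath);
    return null;
  } catch (err) {
    return err instanceof Error ? err.message : "rejected";
  }
}

// Constructed sample inputs: one benign path and four hostile ones.
const SAMPLES: string[] = ["notes/readme.txt", "a.txt; rm -rf /", "../etc/passwd", "-rf", "$(id).txt"];
for (const s of SAMPLES) {
  console.log(JSON.stringify(s), "=>", rejectionReason(s) || "ok");
}
```

Rejecting bad input outright keeps the failure visible to the caller, whereas stripping characters can turn a hostile value into a different but valid path.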
Sandbox IDs provide basic access control but aren't cryptographically secure. Add application-level authentication:
Preview URLs are public. Add authentication in your service:
Use environment variables, not hardcoded secrets:
Clean up temporary sensitive data:
- Sandbox-to-sandbox access (VM isolation)
- Resource exhaustion (enforced quotas)
- Container escapes (VM-based isolation)
- Authentication and authorization
- Input validation and sanitization
- Rate limiting
- Application-level security (SQL injection, XSS, etc.)
Use separate sandboxes for isolation:
Validate all inputs:
Use environment variables for secrets:
Clean up temporary resources:
- Containers architecture - Underlying platform security
- Sandbox lifecycle - Resource management