OPEN LINK ↗
// 80d agoOPENSOURCE RELEASE
OpenRig launches secure multi-user agent runtime
OpenRig is a new self-hosted multi-user agent runtime that uses per-user Unix accounts, per-session firejail sandboxes, and segmented networking to give agents real shell access without turning the LLM into the security boundary. It targets teams running agents against internal systems with OpenAI-compatible backends like vLLM and llama.cpp while keeping data and telemetry inside their own infrastructure.
// ANALYSIS
This is a serious attempt to make autonomous agents usable inside enterprise perimeters without hand-waving away the exfiltration problem. The interesting bet is that OpenRig treats OS isolation and network policy as the product, not just the prompt layer.
- –Per-session firejail sandboxes, dropped capabilities, seccomp filters, and isolated network namespaces give it a much stronger security story than typical single-user agent shells
- –The default intranet-only network policy is unusually opinionated and directly addresses the biggest enterprise fear around agent tooling: sensitive data leaking to the public internet
- –Support for per-user credentials, persistent storage, cronjobs, and admin controls makes it look more like shared internal infrastructure than a hacker demo
- –Requiring a privileged Docker container and cgroup v2 will limit where teams can deploy it, but that tradeoff is part of how it achieves meaningful isolation
- –As an early BSD-licensed project with zero GitHub stars and no broader launch footprint yet, this is promising infrastructure that still needs real-world validation
// TAGS
openrigagentdevtoolautomationself-hostedopen-sourcecloud
DISCOVERED
80d ago
2026-03-08
PUBLISHED
80d ago
2026-03-08
RELEVANCE
8/ 10
AUTHOR
EliasOenal