add bubbleproc sandboxing

[allen-munsch]

It seems to work, I need to add more testing scenarios:

07:44:22 (venv_3132) jm@pop-os aider-ce ±|main ✗|→ export OLLAMA_API_BASE=http://127.0.0.1:11434
07:44:28 (venv_3132) jm@pop-os aider-ce ±|main ✗|→ aider-ce --sandbox-verbose --model ollama_chat/qwen3-coder:30b
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Sandbox enabled:
   Project dir: /home/jm/projects/py/aider-ce
   Network: enabled
   RW paths: ['/home/jm/projects/py/aider-ce', '/tmp', '/home/jm/projects/py/aider-ce/venv_3132']

Which, theoretically would bring in sandbox protections like these for various agent toolings:

See here for a comprehensive list of tests it would attempt to sandbox out of the box:

https://github.com/allen-munsch/bubbleproc/blob/main/test_python_api.py

This references:

• feature - sandboxing mcp tooling via zypi, and/or docker, and/or bubblewrap #265

[dwash96]

Hey, what are your thoughts on where this will go?

[allen-munsch]

@dwash96 I think its fine for simple things like preventing accidental rm -rf type stuff, but something a bit more is actually needed, not just docker, but complete isolation via virtual machines, e.g. firecracker

experimentally sketched here:

• (draft): adds example higher level exector and vsock for bwrap like i… allen-munsch/zypi#5
• (draft): a sketch for cross platform support allen-munsch/zypi#6

or something that uses firecracker/vms under the hood is more in line with what is needed

• https://github.com/e2b-dev

just my 2 cents, i'm still learning about some of this stuff, trying to find the best tools, etc