AI Sandbox

WSL2 on Windows running Ubuntu 24.04 LTS, with rootless Docker and NVIDIA's Container Toolkit (CTK), providing a CUDA-enabled security layer.

Security Hardening

.wslconfig is set to use the Windows firewall directly.

By default, WSL gives a standard Ubuntu user full access to the C drive! Here, wsl.conf is set so that automounted Windows drives are read-only.
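
A check for the read-only drive setting above, added here as an example and not part of the original page: it scans text in /proc/mounts format and lists Windows drives that are still mounted writable. The sample mount lines are constructed, and the function name is hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): list Windows drives that WSL
# has mounted writable. Input is text in /proc/mounts format:
#   device mountpoint fstype options dump pass

# Constructed sample: C: at the WSL default (rw), D: hardened (ro), plus the
# Linux root, whose "errors=remount-ro" option must not count as "ro".
SAMPLE_MOUNTS='/dev/sdc / ext4 rw,relatime,errors=remount-ro 0 0
C:\134 /mnt/c 9p rw,noatime,dirsync,aname=drvfs;path=C:\134;uid=1000;gid=1000,mmap,trans=fd 0 0
D:\134 /mnt/d 9p ro,noatime,dirsync,aname=drvfs;path=D:\134;uid=1000;gid=1000,mmap,trans=fd 0 0'

# Hypothetical helper: prints the mount point of every writable Windows
# drive found on stdin and returns 1 if there is at least one, else 0.
find_writable_win_mounts() {
    bad=0
    while read -r dev mnt fstype opts rest; do
        case "$fstype" in
            # WSL2 exposes Windows drives over 9p with aname=drvfs
            9p) case "$opts" in *aname=drvfs*) ;; *) continue ;; esac ;;
            # WSL1 uses the drvfs filesystem type directly
            drvfs) ;;
            *) continue ;;
        esac
        # Match "ro" only as a whole comma-separated option
        case ",$opts," in
            *,ro,*) ;;
            *) printf '%s\n' "$mnt"; bad=1 ;;
        esac
    done
    return "$bad"
}

# Demo on the constructed sample
printf '%s\n' "$SAMPLE_MOUNTS" | find_writable_win_mounts \
    || echo "writable Windows drive mounts found"
```

Inside the sandbox, run it as `find_writable_win_mounts < /proc/mounts`; no output and exit status 0 mean every Windows drive is mounted read-only.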

 

Rootless Docker

  • No new privileges
  • Root Docker disabled; rootless Docker service for all users
  • Limited network bridge with no incoming and limited outgoing traffic
  • Key Docker files audited
  • Simple health server checks