Sandstorm

 

Sandstorm is a web app hosting platform which prioritizes security and ease of use. It is designed to bring the convenience of cloud-based web apps onto a self-hosted platform. Users can install applications as easily as they install apps on their smartphone, and share and collaborate with other users easily. Sandstorm is designed to be easy to stand up and administrate as well, including support for automatically configured free dynamic DNS addresses and Let’s Encrypt certificates. Sandstorm can work well for personal use, small family or social groups, and organizations.

However, where Sandstorm really stands apart from other platforms in the app hosting and virtualization spaces is its approach to security. Unlike many other container-based app platforms, Sandstorm handles all of the authentication, access, and security at a granular level. Apps packaged for Sandstorm are not containerized per app, but per document, or “grain”, as Sandstorm refers to individual instances of each application. In the case of a spreadsheet application such as EtherCalc, each spreadsheet is hosted in a separate secure container, started and stopped on demand.

In practice, apps packaged for Sandstorm are often more secure than the same exact apps running on their own, or within another hosting platform, as access to one document cannot be exploited to access another document, as can commonly occur with security flaws in conventional web applications. Most vulnerabilities in packaged apps simply do not apply to their Sandstorm counterparts.

Sandstorm was launched via a crowdfunding campaign in 2014, operated as a startup until it spun down in 2017, and has continued as an actively-maintained community project since then. The Sandstorm community is looking to raise funds to support continued development of new features and additional app packaging efforts.