There's the traditional webmin-like console where you can install "apps", all NAS have something like that but it requires that all apps are trusted to be secure. This looks like a model that would go beyond that and provide a sandbox with capability-sharing mechanism.
I will be honest this looks very intriguing to me. I am very tired of my data strewn across a multitude of services where they are in control of every aspect of it and can change their policies on a whim. To those who say I don't have to use them I agree and my current usage is very minimal overall. Yet I would really welcome a cloud based solution that would allow me to store my data and leverage the apps I want while maintaining a strong sense of control. I would gladly pay for such a solution even if all the apps aren't on par with their free counter parts, I am willing to sacrifice features for control.
From my initial skimming of the source code, this is not just a web interface in front of the package manager of your favourite distro -- the apps need not be trusted and work isolated from the host operating system. But why not use docker instead of reinventing things like namespace instrumentation?
Setting up Linux namespaces using the raw syscalls is actually not very hard. Sandstorm does this in a few dozen lines of code. Adding Docker as a dependency would add a whole lot of complication without actually buying us much.
There is a big difference is use case here: Docker aims to be configurable enough that you can take arbitrary off-the-shelf Linux apps -- or even entire distros -- and make them run in a container. Sandstorm, on the other hand, requires apps to be ported to a very specific environment. The porting isn't usually very hard, but it means Sandstorm doesn't need so much configurability and can make stronger assumptions about how an app behaves which lets us do more interesting things with it. For example, Sandstorm can implement unified login and sharing across all apps, it can enforce security between apps, it can transparently update an app without potentially disrupting its storage, and it can selectively give apps access to each other's semantic APIs rather than just low-level ports.
All that said, using Docker as a tool to assist in building app packages may make sense; we actually build some of our apps this way. This -- and the general difference between Docker and Sandstorm -- was discussed a bit in this blog post:
OwnCloud is primarily a DropBox clone which also provides the ability to install "apps" on top. Those "apps" are perhaps better described as "plugins" -- they augment the OwnCloud interface using code which (as I understand it) runs inside the OwnCloud server. Apps must be written in PHP and there is no sandboxing or access control to prevent a bad app from doing bad things.
In contrast, Sandstorm apps are isolated by default and can be written in any language. Sandstorm does not provide a shared "filesystem" but rather gives some private storage space to each app and then expects them to talk to each other via RPC if they want to share data.
We (the Sandstorm team) are actually thinking of porting OwnCloud to Sandstorm as an app. :)
