On Linux, outside of docker (or to run a docker image), Gvisor is a decent choice. Inside docker, it won’t run out of the box, and needs a patch that reduces the level of defense-in-depth that it provides:
We use that patch to include Gvisor as an option in the standard Grist docker image:
Starting up the Grist data engine in Gvisor does have a cost in startup time. A trick we use is to start up the data engine in Gvisor when Grist starts, and then once it is ready take a snapshot of the result. Copies of this snapshot can be then started up a lot quicker. We’ve invested time in optimizing and testing this process.
(I notice that a developer on the Gvisor project has self-assigned the issue mentioned before to themselves recently; it would be lovely if it got resolved.)
The Pyodide sandbox is indeed easier to install - once someone else is preparing a coherent set of packages for you which we do. The level of security it provides is a bit of a question mark to me, sandboxing on a server is not the intended use of Pyodide, and discussion between developers in the Pyodide project’s issue tracker is confusing on this point. We have not done the same level of optimization for Pyodide as we have for Gvisor. Opening a sandbox can feel a bit sluggish - it would be better perhaps to have a pool opened in advance, then use them and replace them as needed.