-
-
Save fluffybeing/9802849 to your computer and use it in GitHub Desktop.
Run untrusted Python code in secure environment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| One option might be to use PyPy to create a sandboxed python. It would limit the external operations someone could do. | |
| Once you have that set up, your website would take the code source, send it over ajax to your webserver, and the server would run the code in a subprocess of a sandboxed python instance. You would also be able to kill the process if it took longer than say 5 seconds. Then you return the output back as a response to the client. | |
| See these links for help on a PyPy sandbox: | |
| http://doc.pypy.org/en/latest/sandbox.html | |
| http://readevalprint.com/blog/python-sandbox-with-pypy.html | |
| To create a fully interactive REPL would be even more involved. You would need to keep an interpreter alive to each client on your server. Then accept ajax "lines" of input and run them through the interp by communicating with the running process, and return the output. | |
| Overall, not trivial. You would need some strong dev skills to do this comfortably. You may find this task a bit daunting if you are just learning. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment