@fluffybeing
Created March 27, 2014 08:22
Run untrusted Python code in a secure environment
One option might be to use PyPy to create a sandboxed Python. It would limit the external operations the submitted code could perform.
Once you have that set up, your website would take the source code, send it over AJAX to your web server, and the server would run the code in a subprocess of a sandboxed Python instance. You would also be able to kill the process if it took longer than, say, 5 seconds. Then you return the output as a response to the client.
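The server-side step described above (run the submission in a subprocess, kill it after 5 seconds, return the output), as an added example that is not code from the original gist. The name `run_submission`, the 64 KiB output cap, and the use of `sys.executable` as a stand-in for the sandboxed interpreter command are assumptions; the stand-in provides no isolation by itself.

```python
import os
import resource
import signal
import subprocess
import sys
import tempfile

# Assumption: in production `interpreter_cmd` is the command line that starts
# the sandboxed interpreter. sys.executable is only a stand-in so this example
# runs anywhere; it is NOT a sandbox. POSIX only (process groups, rlimits).
STAND_IN_INTERPRETER = [sys.executable, "-I"]
MAX_OUTPUT_BYTES = 64 * 1024


def _cap_file_size():
    # Runs in the child before exec: bound how much it can write to any file,
    # including the file that captures its stdout/stderr.
    resource.setrlimit(resource.RLIMIT_FSIZE, (MAX_OUTPUT_BYTES,) * 2)


def run_submission(source, interpreter_cmd=STAND_IN_INTERPRETER, timeout=5.0):
    """Run `source` in a child process and kill it after `timeout` seconds."""
    with tempfile.TemporaryDirectory() as workdir:
        script = os.path.join(workdir, "submission.py")
        with open(script, "w", encoding="utf-8") as fh:
            fh.write(source)
        with open(os.path.join(workdir, "output.txt"), "w+b") as out:
            proc = subprocess.Popen(
                list(interpreter_cmd) + [script],
                stdin=subprocess.DEVNULL, stdout=out, stderr=subprocess.STDOUT,
                cwd=workdir,
                env={},                  # do not leak the server's environment
                start_new_session=True,  # own process group for killpg below
                preexec_fn=_cap_file_size,
            )
            timed_out = False
            try:
                proc.wait(timeout=timeout)
            except subprocess.TimeoutExpired:
                timed_out = True
                os.killpg(proc.pid, signal.SIGKILL)  # child and its descendants
                proc.wait()
            out.seek(0)
            output = out.read(MAX_OUTPUT_BYTES).decode("utf-8", "replace")
    return {"timed_out": timed_out, "exit_code": proc.returncode, "output": output}
```

The timeout and output cap only bound resource use; what the code is allowed to do while it runs still depends entirely on the interpreter passed as `interpreter_cmd`.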
See these links for help on a PyPy sandbox:
http://doc.pypy.org/en/latest/sandbox.html
http://readevalprint.com/blog/python-sandbox-with-pypy.html
Creating a fully interactive REPL would be even more involved. You would need to keep an interpreter alive for each client on your server, then accept AJAX "lines" of input, run them through the interpreter by communicating with the running process, and return the output.
Overall, not trivial. You would need some strong dev skills to do this comfortably. You may find this task a bit daunting if you are just learning.