(github.com)

173 points xrd | 1 comments | 15 Apr 25 11:09 UTC | HN request time: 0.263s | source

Show context

behnamoh ◴[17 Apr 25 15:27 UTC] No.43718268[source]▶

So their method of sandboxing Python code is to spin up a JS runtime (deno), run Pyodide on it, and then run the Python code in Pyodide.

Seems a lot of work to me. Is this really the best way to create and run Python sandboxes?

replies(11): >>43718335 #>>43718770 #>>43718841 #>>43719300 #>>43719370 #>>43719672 #>>43719881 #>>43721408 #>>43722369 #>>43723869 #>>43726452 #

1. samuel ◴[18 Apr 25 09:41 UTC] No.43726452[source]▶

>>43718268 #

I spin up a docker container using the docker API. I haven't used gvisor because I don't expect the model to try kernel level exploits. If it were the case, we're already doomed.

↑

MCP Run Python