eesmith 9 hours ago

Don't do it. Really, really don't do it. People have tried for decades to develop such a sandbox, and it does not work.

high_byte 8 hours ago | parent [-]

As I mentioned in another reply, all those projects also wanted system APIs like filesystem and sockets and such.

For me, I just want to hijack the interpreter so I don't have to write my own. No imports, no sockets.

eesmith 8 hours ago | parent [-]

No, I'm not.

I'm talking about the history beyond why rexec and Bastion, and restricted execution, were removed from Python in the 2.x days. See https://python.readthedocs.io/en/v2.7.2/library/restricted.h... , "In Python 2.3 these modules have been disabled due to various known and not readily fixable security holes."

They started because back in the 1.x days there was a Python web browser called Grail, and the hope was to support restricted Python applets in Grail.

Or from 10 years ago, read https://lwn.net/Articles/574215/ about the failure of 'pysandbox' where one of the ways to break out was to "[use] a traceback object to unwind the stack frame to one in the trusted namespace, then use the f_globals attribute to retrieve a global object." ... "Stinner's tale should serve as a cautionary one to anyone considering a CPython-based solution".

You might consider RestrictedPython at https://restrictedpython.readthedocs.io/en/latest/ which supports only a subset of Python, via AST-walking to limit what the code can do. I have no experience with it.
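
An added example, not part of the thread and not RestrictedPython's own code: an AST-walking allowlist check of the kind the last comment describes, which rejects imports and the frame attributes named in the LWN quote before any code runs. The allowlist, the deny sets and the name `check_source` are assumptions made for this example.

```python
import ast

# Assumed allowlist for this example: any node type not listed is rejected.
ALLOWED_NODES = (
    ast.Module, ast.Expr, ast.Assign, ast.Name, ast.expr_context,
    ast.Constant, ast.BinOp, ast.UnaryOp, ast.BoolOp, ast.Compare,
    ast.operator, ast.unaryop, ast.boolop, ast.cmpop,
    ast.If, ast.For, ast.While, ast.Call, ast.keyword,
    ast.Attribute, ast.List, ast.Tuple, ast.Dict,
)

# Frame and traceback attributes (f_globals is the one named in the LWN quote),
# plus str.format, whose field syntax can reach attributes by name at runtime.
DENIED_ATTRS = {"tb_frame", "f_back", "f_globals", "f_locals", "f_builtins",
                "gi_frame", "cr_frame", "format", "format_map"}

# Builtins that evaluate code or look attributes up from strings at runtime,
# which would bypass a purely static attribute check.
DENIED_NAMES = {"eval", "exec", "compile", "open", "getattr", "setattr",
                "delattr", "globals", "locals", "vars", "type", "object"}


def check_source(source):
    """Return a list of (lineno, reason); an empty list means the check passed."""
    violations = []
    for node in ast.walk(ast.parse(source)):
        line = getattr(node, "lineno", 0)
        if not isinstance(node, ALLOWED_NODES):
            # Import, Try, With, Lambda, FunctionDef, ClassDef, ... all land here.
            violations.append((line, "node type %s not allowed" % type(node).__name__))
        elif isinstance(node, ast.Attribute) and (
                node.attr.startswith("_") or node.attr in DENIED_ATTRS):
            violations.append((line, "attribute %s not allowed" % node.attr))
        elif isinstance(node, ast.Name) and (
                node.id.startswith("_") or node.id in DENIED_NAMES):
            violations.append((line, "name %s not allowed" % node.id))
    return violations


# Constructed sample inputs.
OK_SRC = "total = 0\nfor n in [1, 2, 3]:\n    total = total + n * 2\n"
FRAME_SRC = "g = tb.tb_frame.f_globals\n"

if __name__ == "__main__":
    for src in (OK_SRC, FRAME_SRC, "import os\n"):
        print(repr(src), "->", check_source(src))
```

A check like this only narrows the syntax that reaches the interpreter; it does not by itself address the runtime escapes the comment above warns about.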