jdegenstein
commented
2 years ago Just doing some quick research on how to secure python execution and thought I would leave this here for consideration:
Open Irev-Dev opened 2 years ago
jdegenstein
commented
2 years ago Just doing some quick research on how to secure python execution and thought I would leave this here for consideration:
Irev-Dev
commented
2 years ago Thanks @jdegenstein
42sol-eu
commented
1 year ago Anything new on that?
notthewave
commented
9 months ago What about using web assembly? I am certainly not an expert when it comes to web development but it might work for this use case: https://webassembly.org/docs/security/ https://github.com/pyodide/pyodide
Python execute has been disabled for the time being.
Since python is a general purpose language getting security right is trick, the way it currently runs it would be possible to grab some aws credentials, as well as other things like crypto mining, the 30s execute limit does help but does not fix the problem.
Much more robust tracing and limits are needed before enabling this feature again.