God, Love, News, Event, Entertainment, Amebo,..... All about Bringing out the best in you...
Show HN: Python Local Sandbox Code Execution (Podman and Uv) https://ift.tt/DRZF1E4
Show HN: Python Local Sandbox Code Execution (Podman and Uv) The core idea: @sandbox(dependencies=["pandas"]) turns any function into one that runs inside an isolated Podman container with dependency caching built in on uv. You call it like a normal function, but the code executes with no access to your host filesystem, credentials, or processes. from pctx_sandbox import sandbox @sandbox(dependencies=["requests"]) def fetch_url(url: str) -> str: import requests return requests.get(url).text result = fetch_url(" https://example.com ") # runs in container Technical details: - Uses rootless Podman for container isolation (all the Linux namespace stuff: PID, mount, network, user) - Maintains a warm pool of workers per dependency set, so there's no cold-start penalty after the first call - Dependencies are cached and installed once per unique combination - Resource limits enforced via cgroups The security model is "defense in depth" – it's container isolation, not a VM, so it's not a perfect security boundary. But it's good enough that I'm comfortable letting Claude use it on my machine. Would love feedback. Thanks! https://ift.tt/woq06Ny December 22, 2025 at 03:02AM
Subscribe to:
Post Comments (Atom)
Show HN: Battle LLM Robots – Prompt your LLM, Submit your bot, Watch it battle https://ift.tt/Y0GhK3E
Show HN: Battle LLM Robots – Prompt your LLM, Submit your bot, Watch it battle https://ift.tt/geaSG6X July 9, 2026 at 02:25AM
-
submitted by /u/Dull_Tonight [link] [comments] source https://www.reddit.com/r/worldnews/comments/pehy48/housing_secretary_robert_je...
-
Show HN: Lindra – generate browser agents to automate any website Hi HN, We’re one month into building Lindra, a platform that turns any web...
-
Show HN: High-precision date/time in SQLite https://ift.tt/hEvedVC August 12, 2024 at 03:47AM
No comments:
Post a Comment