New Show Hacker News story: Show HN: A library for execing Python code safely using WASM
Show HN: A library for `exec`ing Python code safely using WASM
3 by pamplemeese | 0 comments on Hacker News.
Inspired by Simon Willison's blog post that was catalyzed by this HN post: https://ift.tt/RQ2bEPB wasm_exec is a Wasm-powered, sandboxed implementation of exec() for safely running dynamic Python code There are number of use-cases emerging that require arbitrary code execution, often code that is generated by LLMs (Large Language Models) like ChatGPT. This can enable some really cool functionality - like generative BI or website generation - but also introduce a massive security flaw if implemented via eval() or exec(). This is because arbitrary code can be executed using these methods. In a worst case scenario, exec'ing arbitrary code could enable some to rm -rf / your entire server! This library intends to provide a secure method of executing arbitrary Python code to empower LLM-based code generation. This was originally intended to be a direct PR to Langchain but given that the problems with exec() extend to the entire Python ecosystem, it was decided that it would be better as a standalone package. Given the love for Wasm on HN, I thought some folks might be interested,and I'd love additional feedback or contributions to the code base.
3 by pamplemeese | 0 comments on Hacker News.
Inspired by Simon Willison's blog post that was catalyzed by this HN post: https://ift.tt/RQ2bEPB wasm_exec is a Wasm-powered, sandboxed implementation of exec() for safely running dynamic Python code There are number of use-cases emerging that require arbitrary code execution, often code that is generated by LLMs (Large Language Models) like ChatGPT. This can enable some really cool functionality - like generative BI or website generation - but also introduce a massive security flaw if implemented via eval() or exec(). This is because arbitrary code can be executed using these methods. In a worst case scenario, exec'ing arbitrary code could enable some to rm -rf / your entire server! This library intends to provide a secure method of executing arbitrary Python code to empower LLM-based code generation. This was originally intended to be a direct PR to Langchain but given that the problems with exec() extend to the entire Python ecosystem, it was decided that it would be better as a standalone package. Given the love for Wasm on HN, I thought some folks might be interested,and I'd love additional feedback or contributions to the code base.
Comments
Post a Comment