On Sun, 21 Oct 2018 21:20:33 -0500
"Edward K. Ream" wrote:
> Hmm. Is Leo as a web app is feasible? Leo's scripting features make
> it extremely dangerous. If run on a server, Leo becomes an
> unverifiable cgi script. This looks like a gotcha. Am I missing
> something?
Sandboxing /
Someone should look at Heroku. It seems that they do containers that
already support python that is designed to face the web.
They also have a robust and complete local CLI client. It is very
convenient for working on apps with a web face.
Chris
On Mon, Oct 22, 2018 at 5:55 AM vitalije
I am not 100% sure but I believe that it is possible to start docker
instance on some remote host (one instance per user or per script
invocation) and let python execute script inside that docker instance. A
malicious script can try to damage server but the damage will remain inside
its own
In another thread I wrote:
"Leo looks like an unverifiable cgi script to the server, which means one
user (or small, *trusted *group of users) must be *fully* responsible for
the damage Leo could cause. It might be possible to host a Leo server in a
per-user (or per-small group) virtual
On Sunday, October 21, 2018 at 9:20:43 PM UTC-5, Edward K. Ream wrote:
>
> On Sun, Oct 21, 2018 at 11:28 AM Terry Brown
> wrote:
>
> I wonder if Cormac was thinking of frameworks like Django, but perhaps
>> more appropriate (lighter) for Leo, Flask?
>
>
> All options are on the table, but see
On Sunday, October 21, 2018 at 11:01:57 AM UTC-5, Offray Vladimir Luna
Cárdenas wrote:
It's good to see the advances in the servers direction. The idea of a more
> decoupled Leo with web interfaces and the idea of "outlining" services to
> other systems and languages that some have proposed
On Sunday, October 21, 2018 at 10:37:32 AM UTC-5, Cormac Williams wrote:
> I would answer some of your questions with more questions, mainly.
All these questions are reasonable. Here are some preliminary answers.
> 1 : Do you want to hang this server on the internet at some point?
Not sure