As most of the folks mentioned, send-boxing isn't / shouldn't be done at Livy level.
Look at Kerberos+Sentry for example to add isolation to access to HDFS / Hive etc. YARN for resource isolation (it can employ Linux container groups for example to guarantee that each container wouldn't run over what it asked for in terms of vcpus/ memory). If you'd like to isolate further from hosts that those Spark executors are running on, look for YARN docker container support for example https://issues.apache.org/jira/browse/YARN-3852 Or kubernetes support - Spark on kubernetes https://spark.apache.org/docs/latest/running-on-kubernetes.html Not sure how well the latter works with Livy though. -- Ruslan Dautkhanov On Wed, Oct 30, 2019 at 10:02 AM mhd wrk <mhdwrkoff...@gmail.com> wrote: > Considering that Livy supports Interactive Scala or Python, does it > provides any sand-boxing feature to protect the back-end against submitted > code? >