for Livebook allows you to paste standalone javascript functions and run them through an API or an interface.

I use Livebook to scaffold out scripts, and would love the ability to paste the script somewhere for others to run.

The concern is security. It looks like BEAM processes do not provide enough isolation. Is this correct?

I am curious what options are available for sandboxing, and if anyone explored this. It seems out-of-scope for the Livebook team.

I think the only solution would be some sort of VM orchestration with something like Kubernetes. I am aware of things like replit and others, but it would be neat to have support for *.livemd files.

Basically, throwaway public facing Livebooks (with the code which you could possibly edit), as last I checked it seems you need auth of some sort to access deployed Livebooks (for very good reason).

You can deploy a notebook as an app and make it public, this way people can interact with the app, without fiddling with the Livebook itself or executing arbitrary code. For an example see “Github Repo Star History” on Livebook - a Hugging Face Space by hugobarauna.

In the future we may consider creating API endpoints too.

That would be pretty cool.

I checked out the public app interfaces you have–that’s a great way to share something without exposing the nitty gritty (which is what you usually want to do when stringing something together for others). I will try out HuggingFace next time I have a small script like that to share :slight_smile:

I fiddled with and was able to stitch together a “throwaway livebook” instance.
I couldn’t get it to startup automatically, but spawning a terminal and running /app/bin/livebook start works.

Here’s the sandbox.
Here’s the livebook instance.


@100phlecs awesome, I didn’t know CodeSandbox supports Docker!

1 Like