[Chicago] built app to auto-generate UI for scripts.

Paul Katsen pkpp1233 at gmail.com
Wed Jul 30 02:02:49 CEST 2014 

Hey Randy - did you switch the language to python? It might have been set
to R or Ruby.

Heres a blogpost (also on front page of HN today) that I just wrote to show
how it works:

https://api.blockspring.com/blog/api-in-60-seconds

Let me know if things are still off! Working super hard to make sure this
thing just works for people.
On Jul 23, 2014 4:41 AM, "Randy Baxley" <randy7771026 at gmail.com> wrote:

> OK then, my thinking is sometimes we are like the Star Trek or maybe
> Twilight or Weird episode were beings were moving so fast that the crew
> just heard buzzing.  Then again maybe we are trying to heard cats or turn
> the tide and momentum of a mighty river.  In the meanwhile a while is
> longer for some than for others.  For me though I cut and pasted some
> working code into the program, highlighted a variable and got nowhere.  The
> little example did work though.  Is that what was supposed to happen?
>
> I tend to think this sandbox idea of quickly getting code into a mockup UI
> is a good one.
>
> Also Cobra, Vagrant, Sculpt, CodeSkulptor and a Github IDE I think are
> good ideas.
>
>
> http://opengovhacknight.org/events/2014/06/03/englewood-codes-north-central-college-and-github.html
>
> Having a Python committed team with time and money to build and maintain
> all of these good ideas and have them work with each other I also think is
> a good idea.  Not sure I have any good idea how to make that happen though.
>
>
>
>
>
>
> On Tue, Jul 22, 2014 at 5:55 PM, Carl Karsten <carl at personnelware.com>
> wrote:
>
>> What makes Python great is that you can do really powerful stuff pretty
>> easy.
>>
>> too bad cuz you don't want that here.
>>
>> Here is a smart person talking about it.
>> http://pyvideo.org/video/2585/building-and-breaking-a-python-sandbox
>>
>>
>>
>>
>> On Tue, Jul 15, 2014 at 3:17 PM, Paul Katsen <pkpp1233 at gmail.com> wrote:
>>
>>> Setting up rate limit today. Right now the container just times-out. And
>>> you're right, container being taken down is no problem b/c I'm running one
>>> for each script. There has to be a secure way to pull this off.
>>>
>>> Right now you have to sign up to publish, but you can run code
>>> unrestricted. Just testing if quickly publishing scripts is valuable at all.
>>>
>>>
>>> On Tue, Jul 15, 2014 at 2:14 PM, Japhy Bartlett <japhy at pearachute.com>
>>> wrote:
>>>
>>>> The last I heard this was just a Bad Idea, from python-dev back in the
>>>> day:
>>>>
>>>> http://lwn.net/Articles/321872/
>>>>
>>>>
>>>> I guess since docker is pretty ephemeral you can live with a container
>>>> being taken down.  Regularly nuke them and rebuild to keep malware out.
>>>>  Rate limit new creations and CPU/memory usage somehow?
>>>>
>>>> Definitely check your firewalls to keep anyone from launching spam or
>>>> DDOS attacks from your servers..
>>>>
>>>> This just seems like a massive liability, not sure how Coursera or
>>>> anyone is getting away with it.  Is it restricted to verified users somehow?
>>>>
>>>>
>>>> On Tue, Jul 15, 2014 at 1:39 PM, Joe Germuska <joe at germuska.com> wrote:
>>>>
>>>>> Hey, Paul:
>>>>>
>>>>> I don’t have direct experience, but see
>>>>> https://wiki.python.org/moin/SandboxedPython
>>>>> and
>>>>>
>>>>> https://wiki.python.org/moin/Asking%20for%20Help/How%20can%20I%20run%20an%20untrusted%20Python%20script%20safely%20%28i.e.%20Sandbox%29
>>>>> <https://wiki.python.org/moin/Asking%20for%20Help/How%20can%20I%20run%20an%20untrusted%20Python%20script%20safely%20(i.e.%20Sandbox)>
>>>>>
>>>>> Joe
>>>>>
>>>>> On Jul 15, 2014, at 1:33 PM, Paul Katsen <pkpp1233 at gmail.com> wrote:
>>>>>
>>>>> any advice on how to sandbox even more? i know sites like Udacity and
>>>>> Coursera are running arbitrary code too.
>>>>>
>>>>>
>>>>> On Tue, Jul 15, 2014 at 1:21 PM, Japhy Bartlett <japhy at pearachute.com>
>>>>> wrote:
>>>>>
>>>>>> you're kind of sandboxed at least because you're running in docker,
>>>>>> but this is very vulnerable to malicious code!
>>>>>>
>>>>>> import subprocess
>>>>>> subprocess.call('whoami')
>>>>>>
>>>>>>
>>>>>> > root
>>>>>>
>>>>>>
>>>>>> On Tue, Jul 15, 2014 at 1:06 PM, Paul Katsen <pkpp1233 at gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hey ya'll.
>>>>>>>
>>>>>>> I kept needing to teach non-engineers how to use the terminal to run
>>>>>>> scripts. Decided to just hack up a site last week where you can copy/paste
>>>>>>> your script in, select inputs for your script, and you get a shareable link
>>>>>>> to run your code.
>>>>>>>
>>>>>>> Check it out - would love your feedback:
>>>>>>> https://python.blockspring.com/.
>>>>>>>
>>>>>>>  -Paul
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Chicago mailing list
>>>>>>> Chicago at python.org
>>>>>>> https://mail.python.org/mailman/listinfo/chicago
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Chicago mailing list
>>>>>> Chicago at python.org
>>>>>> https://mail.python.org/mailman/listinfo/chicago
>>>>>>
>>>>>>
>>>>> _______________________________________________
>>>>> Chicago mailing list
>>>>> Chicago at python.org
>>>>> https://mail.python.org/mailman/listinfo/chicago
>>>>>
>>>>>
>>>>> --
>>>>> Joe Germuska
>>>>> Joe at Germuska.com * http://blog.germuska.com *
>>>>> http://twitter.com/JoeGermuska
>>>>>
>>>>> "Learn to fear any church that fears drums." --Regie Gibson
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Chicago mailing list
>>>>> Chicago at python.org
>>>>> https://mail.python.org/mailman/listinfo/chicago
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Chicago mailing list
>>>> Chicago at python.org
>>>> https://mail.python.org/mailman/listinfo/chicago
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Chicago mailing list
>>> Chicago at python.org
>>> https://mail.python.org/mailman/listinfo/chicago
>>>
>>>
>>
>>
>> --
>> Carl K
>>
>> _______________________________________________
>> Chicago mailing list
>> Chicago at python.org
>> https://mail.python.org/mailman/listinfo/chicago
>>
>>
>
> _______________________________________________
> Chicago mailing list
> Chicago at python.org
> https://mail.python.org/mailman/listinfo/chicago
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/chicago/attachments/20140729/d601f68b/attachment.html>

More information about the Chicago mailing list