I would like to create an app that accepts users python scripts and executes them as part of its functionality. What I am wondering is if its possible to block I/O, network and other attack vectors so I can have some confidence my AWS resources/account won’t be compromised?
Or if I isolate the process into a linux user account with few permissions would that be good enough?
Or is my best bet trying to adopt it to something like Brython or Jupyter to have it run in the browser and rely on those libraries for security?
I know there are companies like Codility that SEEM to do this successfully. However I know of others like Quantopian, that have been hacked. I apologize I don’t have a lot of experience with this type of issue.