Are you aware of any lightweight sandboxes for Python? not browser based

simonw · 2026-01-26T09:21:10 1769419270

You mean for running unsafe Python code?

I'm on a multi-year quest to answer that question!

The best I've found is running Python code inside Pyodide in WASM in Node.js or Deno accessed from Python via a subprocess, which is a wildly convoluted way to go but does appear to work! https://til.simonwillison.net/deno/pyodide-sandbox

Here's a related recent experimental library which does something similar but with JavaScript rather than Python as the unsafe language, again via Deno in a subprocess: https://github.com/simonw/denobox

I've also experimented with using wasmtime instead of Deno: https://til.simonwillison.net/webassembly/python-in-a-wasm-s...

syrusakbary · 2026-01-26T09:36:38 1769420198

Stay tuned, we are about to release a new version of Wasmer with WASIX, that allows for things that can't currently be done with Pyodide:

  * Multithreaded support
  * Calling subprocesses
  * Signals
  * Full networking support
  * Support for greenlets (say hi to SQLAlchemy!) :)

It requires a small effort in wasmer-js, but it already works fully on the server! :)

pplonski86 · 2026-01-27T08:16:58 1769501818

Thank you! With WASM I can’t use all pypi packages and can’t connect to database, that’s why I’m looking for python based solution

simonw · 2026-01-27T10:12:23 1769508743

In that case you'll need to look at general purpose sandboxes you can run Python in - stuff like Firecracker or Bubblewrap on Linux or sandbox-exec on macOS.

syrusakbary · 2026-01-27T13:24:17 1769520257

With Wasmer you should be able to use all pypi packages (even the native ones), although we are a bit light on the native packages we support now