name: sandbox-execution-guide description: "Secure sandboxed code execution environments for reproducible research computing" metadata: openclaw: emoji: "🛡️" category: "tools" subcategory: "code-exec" keywords: ["sandbox execution", "code runner", "literate programming", "containerization", "reproducible computing"] source: "wentor"
Sandbox Execution Guide
A skill for setting up and using sandboxed code execution environments for research computing. Covers containerized execution, security considerations, resource management, and integration with research workflows.
Why Sandboxed Execution?
Research code often requires:
- Isolation from the host system for security
- Reproducible environments across machines
- Resource limits to prevent runaway computations
- Multi-language support (Python, R, Julia, MATLAB)
Docker-Based Sandboxes
Creating a Research Container
# Dockerfile for a reproducible research environment
FROM python:3.11-slim
# System dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
gfortran \
libopenblas-dev \
&& rm -rf /var/lib/apt/lists/*
# Create non-root user for security
RUN useradd -m -s /bin/bash researcher
USER researcher
WORKDIR /home/researcher
# Pin all dependencies
COPY requirements.txt .
RUN pip install --user --no-cache-dir -r requirements.txt
# Copy project files
COPY --chown=researcher:researcher . /home/researcher/project
WORKDIR /home/researcher/project
# Resource limits set at runtime, not build time
CMD ["python", "main.py"]
Running with Resource Limits
# Run with CPU, memory, and time constraints
docker run \
--cpus="2.0" \
--memory="4g" \
--memory-swap="4g" \
--pids-limit=100 \
--network=none \
--read-only \
--tmpfs /tmp:size=512m \
--timeout 3600 \
research-sandbox:latest python analysis.py
# Mount data as read-only, output directory as writable
docker run \
-v /data/raw:/data:ro \
-v /data/results:/output:rw \
--cpus="4.0" \
--memory="16g" \
research-sandbox:latest python pipeline.py
Python Sandbox with Resource Limits
Process-Level Isolation
import subprocess
import resource
import signal
import tempfile
import os
def run_sandboxed(code: str, timeout: int = 60,
max_memory_mb: int = 512) -> dict:
"""
Execute Python code in a sandboxed subprocess with resource limits.
Args:
code: Python code string to execute
timeout: Maximum execution time in seconds
max_memory_mb: Maximum memory in megabytes
"""
with tempfile.NamedTemporaryFile(mode='w', suffix='.py', delete=False) as f:
f.write(code)
script_path = f.name
try:
result = subprocess.run(
['python', '-u', script_path],
capture_output=True,
text=True,
timeout=timeout,
env={
'PATH': '/usr/bin:/usr/local/bin',
'HOME': '/tmp',
'PYTHONDONTWRITEBYTECODE': '1'
}
)
return {
'stdout': result.stdout,
'stderr': result.stderr,
'returncode': result.returncode,
'timed_out': False
}
except subprocess.TimeoutExpired:
return {
'stdout': '',
'stderr': f'Execution timed out after {timeout}s',
'returncode': -1,
'timed_out': True
}
finally:
os.unlink(script_path)
# Example usage
result = run_sandboxed("""
import numpy as np
data = np.random.randn(1000)
print(f"Mean: {data.mean():.4f}")
print(f"Std: {data.std():.4f}")
""", timeout=30, max_memory_mb=256)
print(result['stdout'])
Nix-Based Reproducible Environments
For maximum reproducibility, use Nix to pin every dependency including system libraries:
# shell.nix for a research project
{ pkgs ? import (fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/nixos-23.11.tar.gz";
}) {} }:
pkgs.mkShell {
buildInputs = with pkgs; [
python311
python311Packages.numpy
python311Packages.scipy
python311Packages.pandas
python311Packages.matplotlib
python311Packages.scikit-learn
R
rPackages.ggplot2
rPackages.dplyr
];
shellHook = ''
echo "Research sandbox activated"
echo "Python: $(python --version)"
echo "R: $(R --version | head -1)"
'';
}
# Enter the reproducible environment
nix-shell shell.nix
# Or use flakes for even better reproducibility
nix develop
Security Best Practices
When running untrusted or third-party code:
- Network isolation: Use
--network=nonein Docker to prevent data exfiltration - Filesystem restrictions: Mount data as read-only, limit writable paths
- Resource caps: Always set CPU, memory, and time limits
- User isolation: Run as non-root user inside the container
- Syscall filtering: Use seccomp profiles to restrict system calls
- Output sanitization: Validate and sanitize all output before processing
Integration with CI/CD
Automate research pipeline execution with GitHub Actions:
name: Research Pipeline
on:
push:
paths: ['src/**', 'data/**']
jobs:
run-analysis:
runs-on: ubuntu-latest
container:
image: research-sandbox:latest
options: --cpus 4 --memory 8g
steps:
- uses: actions/checkout@v4
- run: python src/01_preprocess.py
- run: python src/02_analyze.py
- run: python src/03_visualize.py
- uses: actions/upload-artifact@v4
with:
name: results
path: output/
This ensures every commit triggers a fresh, sandboxed execution of the full pipeline, catching environment-dependent bugs and ensuring reproducibility.