
Show HN: Run Code Snippets in Any Language Inside Your Blog - theloup
https://tech.io/blog/runnable-code-snippets/
======
wyldfire
> Our platform uses Docker images to run the code

Hopefully you've already thought this through and you left out all of the
copious complex security details of the sandboxing out of this announcement.

But just in case you haven't:

\- containers don't provide the best sandboxing on their own

\- if I get sufficient privilege in your container, I can read/write directly
to the device nodes inside the container to impact the host

\- you should also fear cryptocurrency miners burning your cycles

But, kudos to you -- this looks like a really neat feature. A quick skim of
your homepage seems to suggest that sandboxing should be core to your
product's success, so I'll just hope for the best. :)

------
rewrew
I _love_ this, but I worry about longevity -- if we convert all our code
snippets to this, and then this dies, all the older blog posts become useless.
You'd be surprised how many reads even 5+ year old blog posts can get.

~~~
tolmasky
One of the nice things about the way we do things with RunKit embeds
([https://runkit.com/docs/embed](https://runkit.com/docs/embed)) is that the
code lives in your site, not on ours. The API generates the embed the same way
something like highlight.js generates syntax-colored code on your site. That
means if we're ever down, your site gracefully degrades to a not-runnable
snippet, as opposed to merely disappearing like this seems to or with embedded
gists.

~~~
peternicky
RunKit is awesome, highly recommend it.

------
ktRolster
Given that every OS, even OpenBSD is frequently vulnerable to privilege
escalation exploits, it always makes me nervous to run someone else's code.

------
RMarcus
repl.it has had this capability for a while, although the embedded environment
can be a little heavy.

[https://repl.it/site/docs/embed](https://repl.it/site/docs/embed)

------
mikeash
The code running part seems to have been hugged to death, but I like the idea.
Any chance the snippets could be made to run locally, either on my own server,
or better yet within the user's browser itself?

~~~
Myztiq
Well, there is [http://code.runnable.com/](http://code.runnable.com/) which
does something similar. I don't remember if it outputted a dockerfile, but I
do know it runs everything inside docker. I used to work at the company.

------
tbrock
How would one build something like this securely and ensure fairness to all
those who wish to execute (avoid DOS)?

Surely there is more to it than just running the code in a Docker container,
right?

------
throwaway2016a
Edit: I skimmed the article but I missed part. Apologies.

~~~
jsjohnst
Did you read the linked article?

> Our platform uses Docker images to run the code, so you can use code
> snippets in virtually any technology. _A lot of contributors have already
> made the most of our technology and have crafted playgrounds of impressive
> quality._

Emphasis added by me.

~~~
throwaway2016a
I did read that part but I also went to the website and tried the service and
could only find out how to do it via the pre-made templates.

