Hacker News new | ask | show | jobs
by conroy 590 days ago
wasmtime works as long as you make sure to include the lib directory

    % wasmtime run --dir .::/ python.wasm -c 'print("hello world")'
    hello world
disclaimer: I run a code execution API service (https://riza.io/playground) that does this and more (HTTP, packages, etc.)
3 comments
simonw 590 days ago
Wow that's almost what I want.

    wget https://github.com/brettcannon/cpython-wasi-build/releases/download/v3.13.0/python-3.13.0-wasi_sdk-24.zip
    unzip python-3.13.0-wasi_sdk-24.zip
    wasmtime run --dir .::/ python.wasm -c 'print("hello world")'
So far so good! But... it looks like that --dir option mounts the current directory as both readable and writable:

    wasmtime run --dir .::/ python.wasm -c 'print(len(open("python.wasm", "rb").read()))'
    # Outputs 28775526
But malicious code can break the system like this:

    wasmtime run --dir .::/ python.wasm -c 'open("python.wasm", "wb").write(b"blah")'
And now it fails with an error if you try to run it because we over-wrote python.wasm. Even if I move python.wasm out of the current directory I'd still be able to break things by breaking those other lib files.

Although... I guess I could use unix filesystem permissions to make those read-only? That could work.

link
conroy 590 days ago
This is just a limitation of the wasmtime CLI. The full Rust API let's you mount filesystems as read-only. Not sure why it's not exposed as an argument.
link
simonw 590 days ago
Thanks - I just found an open issue for exposing that in the Python API: https://github.com/bytecodealliance/wasmtime-py/issues/251
link
compressedgas 590 days ago
You might need to wrap the wasmtime command in firejail or bubblewrap with appropriate arguments to get the operation restrictions you want.
link
sitkack 589 days ago
While that might be a workable stop gap, there is zero reason why this couldn’t be handle in the wasi shim layer. This is exactly what wasi was designed for.
link
michaelmior 589 days ago
s/disclaimer/shameless plug/ :P Nothing wrong with it, but not really a disclaimer.
link
avinassh 589 days ago
> .::/

whats this magic

link
wyldfire 589 days ago
Wild speculation based on very little understanding of WASI/WASM:

Perhaps "--dir .::/" means treat the host directory "." as the guest directory "/"?

link