I could see this being incredibly useful, there has been tons of code pasting, but it will make things a lot cleaner and simpler being able to check out fully functioning code while discussing the problem with someone.
Now all it needs is an embeddable widget and this would take over coding blogs and forums.
Very, very nice. Love it. I agree with paulgb, this is something I never thought I would ever find useful, but I can already see myself sharing code snippets with others.
I might be getting greedy, but how about syntax highlighting? Although CodePad is really cool. Bravo! Keep up the great work...
The basic strategy is to run untrusted code (including compilers) under ptrace to disallow a bunch of system calls. It's also chroot jailed, and subject to resource limits and a timeout. There are more details at http://codepad.org/about
Popular code samples are a good idea! I'll add that to the to-do list.
Ah, thanks -- the about link is not so obvious with a really wide screen browser.
Since I think every single person is going to try to do something naughty to your system, a list of the most creative attempts to hack it would be cool too.
"... Codepad.org, a pastebin that executes code ..."
Very nice. Tried "import this" & "hello world in c". There is a poll over on arclanguage that asks if users want this type of functionality (hosted arc repl). I was surprised that more didn't want this type of feature to hack with Arc ~ "A hosted repl" : http://arclanguage.org/item?id=4070
Really cool. I thought of something related yesterday, which would be a place where people could submit code to get comments and feedback from the community about how they would have coded something differently. It would be useful for both newbies, business people, experienced programmers, web programmers, and people who've known COBOL for 20 years and want to learn about new languages. And, for each program, someone could submit code that does the same thing in a different language, especially web languages. This is really awesome and would facilitate this very easily! A good way to learn the proper way to do something, especially with web languages that may change every major version, is by asking questions of experts in an IRC chat, and then watch them argue amongst each other about the best way to implement something. This would solve that problem by letting people browse, search, or reference a particular post or example or add on to it. I'm thinking of a wiki/social news/forum/code execution app.
I somewhat implemented this idea before (but just with Ruby, so obviously a much smaller project.) At the time, one of my biggest to-dos was AJAX support, to allow two people (i.e. a teacher and student) to play with a piece of code together as if they were on the same machine, with either person being able to hit "re-run" at any time and both seeing the updated output. Then I started getting into the details of trying to create a shared interactive debugger, and it started to get out of my range of ability ;).
One suggestion for this, though, copied from something I did in my little project: provide another field (optional, perhaps hidden by default) for batch STDIN, so it doesn't crash on the sample here (a simple Ruby call to gets): http://codepad.org/xz0E5olm
Think of the security implications of allowing anyone to run any language on their server. It doesn't matter if it's PHP, Ruby, or C++, since they all allow shell and filesystem access, unbounded recursion, and all the other goodies that make sandboxing interesting.
The trick would be to run PHP as a command-line scripting language, just like the others.
Afaik, the only (reasonably common) languages with good sandboxes are Tcl and Java. Like they said above, they're the ones building the sandbox, not the language.
i'm not exactly sure what he's talking about, but there's 2 things Lua has here. one is that the language is functional, so you can replace, alter, or remove the dangerous functions. the other is that you can specify the variable 'environment' of a function with a table (Lua's hash.) so you can construct its environment in an 'opt-in' basis and know for sure everything you're allowing the function to do is safe. and of course these things would be meaningless if built-in functions didn't behave like user functions
Untrusted Java web start applications and Java applets can't do anything that could harm the real operating system. We had to buy and keep on renewing an expensive code-signing cert so our app could save a local file.
Every once in a while, a security researcher claims to have gotten untrusted bytecode to run outside the boundaries of the sandbox.
Awesome. Future suggestion (for python), add in some external modules like scipy. Then it would be possible to send examples of some of the more obscure modules. Really nice app.
Now all it needs is an embeddable widget and this would take over coding blogs and forums.