Dify-Sandbox offers a simple way to run untrusted code in a secure environment. It is designed to be used in a multi-tenant environment, where multiple users can submit code to be executed. The code is executed in a sandboxed environment, which restricts the resources and system calls that the code can access.
DifySandbox currently only supports Linux, as it's designed for docker containers. It requires the following dependencies:
- libseccomp
- pkg-config
- gcc
- golang 1.20.6
- Clone the repository using
git clone https://github.com/langgenius/dify-sandbox
and navigate to the project directory. - Run ./install.sh to install the necessary dependencies.
- Run ./build/build_[amd64|arm64].sh to build the sandbox binary.
- Run ./main to start the server.
If you want to debug the server, firstly use build script to build the sandbox library binaries, then debug as you want with your IDE.
Refer to the FAQ document