Six layers to sandbox untrusted Python — and the escape I missed 0 ▲ chs.us — Carl Sampson 4 hours ago · Tech · hide · 0 comments Letting users run their own Python to shape your server's responses means executing untrusted code in production. Here are the six independent layers that contain it, why each exists, and the AST-bypass that slipped through all the early ones. No comments yet. Log in to reply on the Fediverse. Comments will appear here.