03 Nov Secure Python / R scripts execution in Docker with Omniscope
We often hear or experience how powerful Python and R languages are for data analytics and scripting in general.
But how about security? How to run a script in a isolated sandbox so you can be sure it’s not going to harm your machine, service or environment.
A while back we’ve introduced the concept of Custom Blocks in Omniscope. Basically anyone can build their own block by using Python or R to expand the set of blocks we bundle and to enable our users to augment their workflow with any scripts, from new analytics algorithms to simple data transformation routines.
However, such scripts have unrestricted access to the filesystem… so you would have to trust your workflow-permissioned users and the designers who create those blocks.
We’ve then decided to make our Omniscope users life easier, and safer! 😅
Omniscope 2021.2 lets you execute all your custom blocks in a Docker container, via a server-wide policy, where the script code is completely isolated from the server – and its file system other than where configured via options (to mount and map single files or folders).
Set up Docker Desktop (Windows/Mac) or Docker daemon (Linux) and you are ready to go. Read more here