Dockerfile

# Multi-Language Code Execution Sandbox - Secure Docker Container
FROM python:3.11-slim

# Install system dependencies for multiple languages and security tools
RUN apt-get update && apt-get install -y \
    # Node.js & npm for React/JavaScript
    nodejs npm \
    # Build tools
    build-essential \
    gcc g++ \
    # Security: Run as non-root user
    sudo \
    # Cleanup
    && rm -rf /var/lib/apt/lists/*

# Create non-root user for sandbox execution
RUN useradd -m -u 1000 -s /bin/bash sandbox && \
    echo "sandbox ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

# Set working directory
WORKDIR /app

# Copy requirements and install Python dependencies
COPY requirements_docker.txt /app/requirements.txt
RUN pip install --no-cache-dir -r requirements.txt

# Install React dependencies globally
RUN npm install -g react react-dom

# Copy application code
COPY app_docker.py /app/app.py
COPY sandbox_executor.py /app/

# Create execution directory with restricted permissions
RUN mkdir -p /sandbox && \
    chown sandbox:sandbox /sandbox && \
    chmod 755 /sandbox

# Switch to non-root user
USER sandbox

# Expose port 7860
EXPOSE 7860

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
  CMD python -c "import requests; requests.get('http://localhost:7860/health')" || exit 1

# Run the application
CMD ["python", "app.py"]