Release version 0.4.0

EtiennePerot · EtiennePerot · commit 088b1189e5b9 · 2024-09-10T23:41:46.000-07:00
diff --git a/docs/setup.md b/docs/setup.md
@@ -24,9 +24,7 @@ You can do this the **easy way** (good for single-user setups) by running Open W
 * On **Docker**: Add `--privileged=true` to `docker run`.
 * On **Kubernetes**: Set `spec.securityContext.privileged` to `true`.
 
-**This will remove all security measures** from the Open WebUI container. From a security perspective, this is roughly equivalent to running the Open WebUI server as root outside of a container on the host machine.
-
-However, **code running as part of this code execution function/tool will still run in a secure gVisor sandbox** and cannot impact the host.
+**This will remove all security measures** from the Open WebUI container. From a security perspective, this is roughly equivalent to running the Open WebUI server as root outside of a container on the host machine. However, **code running as part of this code execution function/tool will still run in a secure gVisor sandbox** and cannot impact the host or the Open WebUI container.
 
 This is adequate for single-user setups not exposed to the outside Internet, while still providing strong security against LLMs generating malicious code. However, if you are running a multi-user setup, or if you do not fully trust Open WebUI's code, or the Open WebUI server's HTTP port is exposed to the outside Internet, you may want to harden it further. If so, **don't** set the `privileged` setting, and read on to the hard way instead.
 
@@ -53,7 +51,7 @@ The below is the minimal subset of changes that `--privileged=true` does that is
 * **Mount `cgroupfs` as writable**:
     * On **Docker**: Add `--mount=type=bind,source=/sys/fs/cgroup,target=/sys/fs/cgroup,readonly=false` to `docker run`.
     * On **Kubernetes**: Add a [`hostPath` volume](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) with `path` set to `/sys/fs/cgroup`, then mount it in your container's `volumeMounts` with options `mountPath` set to `/sys/fs/cgroup` and `readOnly` set to `false`.
-    * **Why**: This is needed so that gVisor can create child [cgroups](https://en.wikipedia.org/wiki/Cgroups), necessary to enforce per-sandbox memory usage limits.
+    * **Why**: This is needed so that gVisor can create child [cgroups](https://en.wikipedia.org/wiki/Cgroups), necessary to enforce per-sandbox resource usage limits.
 * **Set the `container_engine_t` SELinux label**:
     * On **Docker**: Add `--security-opt=label=type:container_engine_t` to `docker run`.
     * On **Kubernetes**: Set [`spec.securityContext.seLinuxOptions.type`](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#assign-selinux-labels-to-a-container) to `container_engine_t`.
diff --git a/open-webui/functions/run_code.py b/open-webui/functions/run_code.py
@@ -5,15 +5,19 @@
 author: EtiennePerot
 author_url: https://github.com/EtiennePerot/open-webui-code-execution
 funding_url: https://github.com/EtiennePerot/open-webui-code-execution
-version: 0.3.0
+version: 0.4.0
 license: Apache-2.0
 """
 
 # This is an OpenWebUI *function*. It can run code within LLM-generated code blocks.
 # If you are looking for an OpenWebUI *tool* to allow the LLM to run its own code,
 # see here instead: https://openwebui.com/t/etienneperot/run_code/
 # See https://github.com/EtiennePerot/open-webui-code-execution for more info.
-
+# NOTE: If running Open WebUI in a container, you *need* to set up this container to allow sandboxed code execution.
+# Please read the docs here:
+#
+#   https://github.com/EtiennePerot/open-webui-code-execution/blob/master/README.md
+#
 # Protip: You can test this tool manually outside of OpenWebUI by running it like this:
 #
 #   echo 'print("Hello world!")' | python3 run_code.py
diff --git a/open-webui/tools/run_code.py b/open-webui/tools/run_code.py
@@ -14,13 +14,22 @@
 # of code in the LLM output, see here instead:
 # https://openwebui.com/f/etienneperot/run_code/
 # See https://github.com/EtiennePerot/open-webui-code-execution for more info.
-
-# Protip: You can test this tool manually outside of OpenWebUI by running it like this:
+# NOTE: If running Open WebUI in a container, you *need* to set up this container to allow sandboxed code execution.
+# Please read the docs here:
 #
-#   echo 'print("Hello world!")' | python3 run_code.py
+#   https://github.com/EtiennePerot/open-webui-code-execution/blob/master/README.md
+#
+# Protip: You can test this tool manually by running it as a Python script, like so:
+# (Run this inside the Open WebUI container)
+#
+#   python3 run_code.py --self_test
 #
 # This will simulate that OpenWebUI would do if it asked this tool to evaluate the Python code `print("Hello world!")`.
 # This can be useful when setting up this tool to verify that it works in your environment.
+# You can also use it for one-off code execution like this:
+#
+#   echo 'print("Hello world!")' | python3 run_code.py
+#
 
 import asyncio
 import argparse
