If anyone's interested, https://coderpad.io has this exact feature as well - you can give an interview candidate a problem in Go, and watch them solve it in realtime. As you go, you can execute any of the code written so far.
The time thing is ingenious. It reduces backend memory usage and allows caching.
However, it's possible to achieve the same advantage of cacheability, by executing a unmodified binary and recording the output in a time stamped manner, save it in a cache and replay it later.
I'm very interested in the NaCl approach to server-side jails:
> To isolate user programs from Google's infrastructure, the back
> end runs them under Native Client (or "NaCl"), a technology
> developed by Google to permit the safe execution of x86 programs
> inside web browsers. The back end uses a special
> version of the gc tool chain that generates NaCl executables
I'm a bit sad that the article didn't discuss using NaCl for constrained execution environments a bit more. Docker/linux containers are still a bit heavy-weight for low-budget ARM servers, and it'd be interesting to check out NaCl as a more lightweight, per-executable sandbox.
I'm annoyed that NaCl's SFI is being repurposed so blatantly uselessly. The overhead isn't that much, but when seccomp provides equal or better security without any expense, it really seems like reinventing the wheel.
So this is how Go will make its appearance on Chrome Browser & Chrome OS? Pretty cool. I was a little scared off from NaCl from the C/C++ requirement, but Go will make that a little easier to handle. When is 1.3 suppose to be released?
As http://golang.org/s/go13nacl describes, supporting Chrome is not a goal for 1.3 release, only being able to run nacl-sandboxed executables from command line.
My sandboxing uses Docker instead of NaCl.