Another option would be to start with treating the Elexir Query Server like the Erlang Query Server and keep it off by default and with full access to the internals, so people could opt into it, if their environment allows for it.
Sandboxing could be a step on top or later. I for one would like to see native Elexir support for Views et.al in CouchDB :) Best Jan -- On Oct 16, 2013, at 20:48 , Paul Davis <[email protected]> wrote: > There have been discussions on figuring out how to sandbox Erlang. The > biggest thing on that front was that we'd want it to be a whitelist as > opposed to a blacklist of modules and/or module/function pairs. The > second is that with dynamic invocation its not immediately apparent if > that's entirely possible to do. > > On Wed, Oct 16, 2013 at 10:39 AM, Chris Keele <[email protected]> wrote: >> Hey everyone! I'm trying to develop a sandbox for Elixir, and I wanted to >> see how such a library might prove useful to the CouchDB dev community. >> >> My initial goal is just to be able to run string of code in a predefined >> environment with configurable modules disabled, returning all output. But >> I'd like to design it for bigger things from the ground up, so I was >> wondering what sorts of requirements you might have of a sandbox library if >> you wanted to, say, implement a secure view processor. >> >> I've started a discussion thread here: >> https://groups.google.com/forum/#!topic/elixir-lang-talk/wA1l74HCZmI, but >> I'm particularly interested in your opinions! >> -- >> Chris Keele >>
signature.asc
Description: Message signed with OpenPGP using GPGMail
