Personally I'm not so interested in security, but to have access to the global variable. Either we could have it like Seed's sandbox, which is empty and you need to add stuff to the global object manually or with ctx.add_globals(). Or perhaps just let evalcx() use the passed global object as it is, without adding any native or g-i modules to it, and then you would manually add any globals you want to expose (like imports, print, etc..)
But I like the evalcx() approach more as it takes just a codestring and an ordinary object as argument, instead of having to create a special sandbox-context object. /Jonatan On Fri, Aug 13, 2010 at 3:49 PM, Havoc Pennington <[email protected]> wrote: > If coding this, a question is how secure you want it to be; to be an > actual secure sandbox at least a couple things to do would be to > prohibit any use of native or gobject-introspection modules, and > implement the "stop a runaway script using too much CPU" callback, I > forget what spidermonkey calls it. > > Havoc > _______________________________________________ javascript-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/javascript-list
