I work on a project called automately (https://github.com/Automately/) that
utilizes the Nashorn engine and implements some custom sandboxing methods. You
can explore the automately-core project and it should give you an idea of how
you can do that.

---- On Mon, 01 May 2017 11:20:04 -0500 Eliezer Julian
<eliezer.jul...@sapiens.com> wrote ----

How, thanks for the suggestions. Like I wrote in my original post I have
already limited class access. My concern now is something like an endless loop
or extreme memory allocation which can tie up resources of the server.


From: G W <grwon...@gmail.com>
Sent: Monday, May 1, 2017 6:18:02 PM
To: Eliezer Julian
Cc: nashorn-dev@openjdk.java.net; Chen Malka; Elior Apelbaum; Moshe Robinov
Subject: Re: Running JS code on a server


Eli,

Have you tried implementing jdk.nashorn.api.scripting.ClassFilter to limit
class access? Also for resource access, you need to create wrappers.

e.g. for File access:

// Script-side wrapper: the script never touches java.io directly; every
// operation goes through the host's SprnklFile helper together with the
// per-request object (jsrequestobj), so the host side sees who is asking.
function File(f) {
    this.file = f;

    this.delete = function() {
        org.sprnkl.server.js.SprnklFile.delete(jsrequestobj, this.file);
        return this;
    };

    this.create = function(dr) {
        org.sprnkl.server.js.SprnklFile.create(jsrequestobj, this.file);
        return this;
    };

    this.read = function() {
        return org.sprnkl.server.js.SprnklFile.read(jsrequestobj, this.file);
    };

    this.exists = function() {
        return org.sprnkl.server.js.SprnklFile.exists(jsrequestobj, this.file);
    };

    this.length = function() {
        // keep the expression on the same line as 'return': a line break after
        // 'return' makes JS insert a semicolon and return undefined
        return Math.round(org.sprnkl.server.js.SprnklFile.length(jsrequestobj, this.file));
    };

    this.list = function() {
        return org.sprnkl.server.js.SprnklFile.list(jsrequestobj, this.file);
    };

    this.isDirectory = function() {
        return org.sprnkl.server.js.SprnklFile.isDirectory(jsrequestobj, this.file);
    };

    this.readString = function() {
        // copy the host-side array element by element into a JS array
        // before handing it to String.fromCharCode
        var rb = this.read();
        var rb2 = [];
        for (var ct = 0; ct < rb.length; ct++) {
            rb2.push(rb[ct]);
        }
        return String.fromCharCode.apply(String, rb2);
    };

    this.write = function(b, dr) {
        if (dr == undefined) dr = true;
        org.sprnkl.server.js.SprnklFile.write(jsrequestobj, this.file, b, dr);
        return this;
    };

    this.writeString = function(s, dr) {
        return this.write(s.getBytes(), dr);
    };
}


I have a Framework that is a work in progress. Would be happy to share the code
if interested.

Regards


On Mon, May 1, 2017 at 8:55 AM, Jim Laskey (Oracle) <james.las...@oracle.com> wrote:

From: Eliezer Julian <eliezer.jul...@sapiens.com>
Subject: Running JS code on a server
Date: May 1, 2017 at 6:28:05 AM ADT
To: nashorn-dev@openjdk.java.net
Cc: Elior Apelbaum <elior.apelb...@sapiens.com>, Moshe Robinov <moshe.robi...@sapiens.com>, Chen Malka <chen.ma...@sapiens.com>


Hi,

I am developing a server side application and would like to add a feature that
allows a user to submit JS code to be executed via Nashorn. My concern is that
a user may submit malicious code that may compromise the server. I have already
limited the script's access to the bare minimum of Java classes, and have
implemented a mechanism to kill the script if execution time runs over a
certain limit. I have also manually removed many of the special methods such as
print, echo, exit and quit from the Bindings object. However, this is extremely
limited in scope compared to the damage a willfully malicious user may be able
to effect via this feature (such as allocating too much memory, trying to access
the file system via the script, etc.). I was wondering if the Nashorn
development team had any recommendations as far as security is concerned, and
whether there are any plans to add additional security features in the future.


Thanks,

Eli Julian
Software Developer
Decision Division
Email: eliezer.jul...@sapiens.com
Office: +972-3-7902155
Mobile: +972-50-3697238
Skype handle: eli_julian
Visit us at: www.sapiens.com
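The three measures discussed in this thread (a ClassFilter allow-list as G W suggests, stripping print/echo/exit/quit from the engine bindings, and a wall-clock limit on evaluation as in Eli's post) put together in one Java class, as an added example that is not code from any of the posters or from automately. The allowed-class set, the extra `load`/`loadWithNewGlobal` entries, and the `nashorn-sandbox` thread name are assumptions for the example.

```java
import java.util.*;
import java.util.concurrent.*;
import javax.script.Bindings;
import javax.script.ScriptContext;
import javax.script.ScriptEngine;
import jdk.nashorn.api.scripting.ClassFilter;
import jdk.nashorn.api.scripting.NashornScriptEngineFactory;

public class NashornSandbox {
    // Allow-list of Java classes a script may reach via Java.type() or Packages
    // (constructed for this example; a real list is application specific).
    private static final Set<String> ALLOWED =
        new HashSet<>(Arrays.asList("java.lang.Math", "java.lang.String"));

    // Nashorn calls exposeToScripts() each time a script asks for a Java class.
    private static final ClassFilter FILTER = className -> ALLOWED.contains(className);

    // Globals that print to the server's stdout, call System.exit() or load more script.
    private static final String[] DANGEROUS_GLOBALS =
        {"print", "echo", "exit", "quit", "load", "loadWithNewGlobal"};

    // Scripts run on daemon threads so a runaway loop cannot block JVM shutdown.
    private static final ExecutorService POOL = Executors.newCachedThreadPool(r -> {
        Thread t = new Thread(r, "nashorn-sandbox");
        t.setDaemon(true);
        return t;
    });

    static ScriptEngine newEngine() {
        ScriptEngine engine = new NashornScriptEngineFactory().getScriptEngine(FILTER);
        Bindings globals = engine.getBindings(ScriptContext.ENGINE_SCOPE);
        for (String name : DANGEROUS_GLOBALS) globals.remove(name);
        return engine;
    }

    // Evaluates untrusted script in a fresh engine with a wall-clock limit.
    // A rejected class surfaces as an ExecutionException, a loop as a TimeoutException.
    static Object run(String script, long timeoutMillis) throws Exception {
        ScriptEngine engine = newEngine();
        Future<Object> result = POOL.submit(() -> engine.eval(script));
        try {
            return result.get(timeoutMillis, TimeUnit.MILLISECONDS);
        } catch (TimeoutException e) {
            // cancel(true) only interrupts blocking calls; a tight JS loop keeps
            // spinning, so CPU and memory still need process-level limits.
            result.cancel(true);
            throw e;
        }
    }
}
```

The timeout answers Eli's follow-up only partly: it lets the server stop waiting, but the engine thread itself is not killed, which is why the memory and CPU concern belongs to a process or container limit rather than to the engine.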