With all do respect you are in over your head :)
If you want to take a stab at this for real take a peek at google-caja
On Mon, Jul 2, 2012 at 9:27 PM, Will Riley wrote:
> Hi,
>
> Right now I'm working on a sandbox library for node.js. I'd most likely be
> using vm.runInNewContext to prevent an
This is a talk from 2012 RubyConfIndia where two guys talk about sandboxing
Ruby on the server: http://www.youtube.com/watch?v=ntIzf9onRqA
Some of the stuff is Ruby specific, but there is a lot of good Linux stuff
in there too.
On Monday, July 2, 2012 8:20:42 PM UTC-7, Fedor Indutny wrote:
>
>
Hi,
OneJS (http://github.com/azer/onejs) aims to do a very similar job by
bundling. It wraps all the modules in your project and provides them
custom implementations of global NodeJS functions & objects (require,
process, console etc..);
https://github.com/azer/onejs/blob/master/templates/module.
Well, you may use separate node process, but you should run in in chroot or
jail if you want a real safity here.
Cheers,
Fedor.
On Mon, Jul 2, 2012 at 8:16 PM, Will Riley wrote:
> Ah, I see. I saw in the docs that it says "safely running untrusted code
> requires a separate process", but coul
Ah, I see. I saw in the docs that it says "safely running untrusted code
requires a separate process", but could you elaborate on that? Would it be
better to use vanilla v8 for something like this?
On Monday, July 2, 2012 10:53:26 PM UTC-4, Ben Noordhuis wrote:
>
> On Tue, Jul 3, 2012 at 4:27 AM
On Tue, Jul 3, 2012 at 4:27 AM, Will Riley wrote:
> Hi,
>
> Right now I'm working on a sandbox library for node.js. I'd most likely be
> using vm.runInNewContext to prevent any unwanted methods (eg process.kill)
> from becoming accessible, and the untrusted code would run in a different
> node pro
Hi,
Right now I'm working on a sandbox library for node.js. I'd most likely be
using vm.runInNewContext to prevent any unwanted methods (eg process.kill)
from becoming accessible, and the untrusted code would run in a different
node process.
I'm looking into the possibility of enabling code to
