On Thu, Jan 31, 2013 at 3:39 PM, Jan Lehnardt <[email protected]> wrote:
>
> >> Can someone please specifically describe a "sandbox" feature? CouchJS
> >> passes the test suite. So what does the sandbox do?
> >>
> >
> > did it many times. See my other mail where I tried to summarise it again.
>
> Can you give me a link? I was rather busy with CouchDB Conf prep in the
> past weeks.
>

I have been collecting them as notes in the v8 ticket, COUCHDB-1643

Starts here:
https://issues.apache.org/jira/browse/COUCHDB-1643?focusedCommentId=13556131&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13556131

Obviously, I am mostly listing "non-features" which are impossible to test
for. However I still have some ideas. Like I said, if JavaScript runs and
there are not *exactly* the correct global variable names (and their types)
then maybe that should be a failing unit test.

Also, I am thinking of maybe doing something with library shimming, using
LD_PRELOAD or something. Or maybe something with dtrace. I would like to log
all i/o a process does, at the system call level or so. And then run the
entire CouchDB test suite. Then I can make sure that total i/o bytes into
and out of javascript === 0. Maybe I can't defeat a motivated attacker,
however a test like that might detect if we inadvertently do something bad.

Doesn't couchjs link about libcurl? How sure are you that there is no way
cURL could possibly ever sneak into the public API?

--
Iris Couch
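
The exact-globals unit test idea from the message above, sketched as an added example; it is not part of the original email or of CouchDB's code. The allowlist and the sample global objects are constructed placeholders, not couchjs's real global set.

```javascript
// Constructed allowlist (name -> expected type); NOT couchjs's real globals.
const EXPECTED = { emit: "function", sum: "function", log: "function", JSON: "object" };

const typeOf = (v) => (v === null ? "null" : typeof v);
const has = (o, k) => Object.prototype.hasOwnProperty.call(o, k);

// Map every name visible on the global object to its type. Includes
// non-enumerable and inherited properties, since a leaked capability need
// not be enumerable or defined directly on the global itself.
function collectGlobals(globalObj) {
  const found = new Map();
  for (let o = globalObj; o && o !== Object.prototype; o = Object.getPrototypeOf(o)) {
    for (const name of Object.getOwnPropertyNames(o)) {
      if (found.has(name)) continue; // nearest definition shadows the rest
      const desc = Object.getOwnPropertyDescriptor(o, name);
      // Never invoke getters during an audit; just record that one exists.
      found.set(name, "value" in desc ? typeOf(desc.value) : "accessor");
    }
  }
  return found;
}

// Fail unless the visible names and their types match the allowlist exactly.
function auditGlobals(globalObj, expected = EXPECTED) {
  const found = collectGlobals(globalObj);
  const unexpected = [...found.keys()].filter((n) => !has(expected, n)).sort();
  const missing = Object.keys(expected).filter((n) => !found.has(n)).sort();
  const wrongType = Object.keys(expected)
    .filter((n) => found.has(n) && found.get(n) !== expected[n]).sort();
  const ok = unexpected.length + missing.length + wrongType.length === 0;
  return { ok, unexpected, missing, wrongType };
}

// Constructed sample: a global object that has drifted from the allowlist.
function buildDriftedSample() {
  const g = Object.create({ readFile() {} });          // inherited extra name
  Object.assign(g, { emit() {}, sum() {}, log: {} });  // log has the wrong type
  Object.defineProperty(g, "fetchUrl", { value() {}, enumerable: false });
  return g;                                            // JSON deliberately absent
}
```

Run inside the interpreter under test, `auditGlobals` would be given that interpreter's real global object and an allowlist maintained alongside the test suite.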
