On Thu, Jan 31, 2013 at 5:27 PM, Jason Smith <[email protected]> wrote:
> On Thu, Jan 31, 2013 at 3:39 PM, Jan Lehnardt <[email protected]> wrote:
>
> >
> > >> Can someone please specifically describe a "sandbox" feature? CouchJS
> > >> passes the test suite. So what does the sandbox do?
> > >>
> > >
> > > did it many times. See my other mail where I tried to summarise it again.
> >
> > Can you give me a link? I was rather busy with CouchDB Conf prep in the
> > past weeks.
> >
>
> I have been collecting them as notes in the v8 ticket, COUCHDB-1643
>
> Starts here:
>
> https://issues.apache.org/jira/browse/COUCHDB-1643?focusedCommentId=13556131&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13556131
>
> Obviously, I am mostly listing "non-features" which are impossible to test
> for. However I still have some ideas. Like I said, if JavaScript runs and
> there are not *exactly* the correct global variable names (and their types)
> then maybe that should be a failing unit test.
>
> Also, I am thinking of maybe doing something with library shimming, using
> LD_PRELOAD or something. Or maybe something with dtrace. I would like to
> log all i/o a process does, at the system call level or so. And then run
> the entire CouchDB test suite. Then I can make sure that total i/o bytes
> into and out of javascript === 0.
>

A javascript engine doesn't expose any IO by default. The **framework** nodejs is, this is all the point. I'm quite interested by the existing solutions to sandbox nodejs, do you know some projects that do it?

>
> Maybe I can't defeat a motivated attacker, however a test like that might
> detect if we inadvertently do something bad. Doesn't couchjs link about
> libcurl. How sure are you that there is no way cURL could possibly ever
> sneak into the public API?
>

You can build couchdb without curl support. In other case there was this old action.js from jchris that was exposing curl. But by default it isn't.

- benoît
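
The "exact global names and types" unit test proposed in the quoted message could look like the following. This is an added example, not part of the thread and not CouchDB code. The manifest, the sandbox objects and the name `curlFetch` are constructed for illustration, and Node's `vm` module is used only to enumerate globals, not as a security boundary.

```javascript
const vm = require('vm');

// Hypothetical manifest of the API the embedder means to expose: name -> typeof.
// Constructed for this example; it is not CouchJS's real list of globals.
const EXPECTED = new Map([['emit', 'function'], ['log', 'function'], ['toJSON', 'function']]);

// Runs inside the context: every own property of the global object with its typeof.
const PROBE = `
  Object.getOwnPropertyNames(globalThis)
    .map(function (n) { return [n, typeof globalThis[n]]; })
`;

function listGlobals(sandbox) {
  return new Map(vm.runInContext(PROBE, vm.createContext(sandbox)));
}

// Compare what a script can see against the manifest. Names that also exist in
// an empty context are the engine's own built-ins and are skipped.
function auditGlobals(sandbox, expected) {
  const baseline = listGlobals({});
  const seen = listGlobals(sandbox);
  const report = { unexpected: [], missing: [], wrongType: [] };
  for (const [name, type] of seen) {
    if (baseline.has(name)) continue;
    if (!expected.has(name)) report.unexpected.push(name);
    else if (expected.get(name) !== type) report.wrongType.push(name);
  }
  for (const name of expected.keys()) {
    if (!seen.has(name)) report.missing.push(name);
  }
  report.ok = report.unexpected.length + report.missing.length +
              report.wrongType.length === 0;
  return report;
}

// Constructed sandboxes: one matching the manifest, one with an extra
// network-style helper, a wrong type and a missing function.
const noop = function () {};
const cleanSandbox = { emit: noop, log: noop, toJSON: noop };
const leakySandbox = { emit: noop, log: 'not a function', curlFetch: noop };

console.log(auditGlobals(cleanSandbox, EXPECTED));
console.log(auditGlobals(leakySandbox, EXPECTED));
```

This covers only the global-names idea; the system-call-level I/O accounting with LD_PRELOAD or dtrace mentioned in the same message is a separate check.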
