On Mar 4, 8:43 pm, Luke Scott <[email protected]> wrote: > What I'm trying to figure out is what to do when I want users to write > plugins (untrusted code). I only want them to have access to (1) what > V8 vanilla provides and (2) a few classes that provide context sensitive > functions. But with a single thread malicious code goes well beyond what > the user can access - It also includes writing code that blocks.
IIRC there are some modules out there for this kind of sandboxing. It more or less boils down to spinning up a child process which creates a vm context and then executes the untrusted code. Once the code is "finished", you can report back to the parent process. Otherwise, if the child process takes too long, you can kill it and assume the untrusted code was doing something bad/incorrect/etc. -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
