I was working on a project a while ago where i wanted to do something like this and you can do it pretty easily like this:
I had one process which was the master 'plugin master' which spawned 5 child 'plugin workers'. The master and workers can talk via the ipc pipes if your only using node processes or use some other messaging if ur doing non-node stuff (i like zmq). Then, the master dispatches a task to a worker which executes the task in a new v8 context. Now, depending on the security that you want you can either pool tasks on one worker and run them all on the same context or you can run each one in a separate process. Then depending on your load, you can have your master spawn more / less children. Does this work for you? I guess the only problem is that you can't create thousands of workers all the time or you'll kill the scheduler. On Sunday, March 4, 2012 8:43:15 PM UTC-5, Luke Scott wrote: > > I'm trying to figure out if Node will work for our platform or not (or > even V8 in general). We're planning a rewrite. We use PHP. We need to allow > users to write server side plugins. For it to be secure in PHP we'd have to > write a "language" using flex/bison to eliminate dynamic function calling > and only allow whitelist functions. I can do this. But users would have to > learn this "new language". Most users, if they have any "web development" > experience, are going to be more familiar with JavaScript. So I'm looking > at V8, and thus I found Node.js. > > Node.js seems very promising. Write the same code on server side and > client side - one language instead of two. JavaScript has an event and > async model built in. Node.js provides a single application instance. > Awesome. > > But what makes Node.js harder to swallow is the single thread. First off - > I get it. No argument from me. You guys won't do a "thread pool"/"fibers", > I understand your reasoning. In most projects this is OK because the > developer has complete control over what code is executed. The code can be > written in an async manner. > > What I'm trying to figure out is what to do when I want users to write > plugins (untrusted code). I only want them to have access to (1) what > V8 vanilla provides and (2) a few classes that provide context sensitive > functions. But with a single thread malicious code goes well beyond what > the user can access - It also includes writing code that blocks. > > As I understand it the only way to ensure a user can't jailbreak or block > the event loop is to run their code in a separate thread, which is > something that won't happen in Node.js. There were some mention of > user-land solutions. But this makes me hesitant because wouldn't a > "user-land" solution be written in JavaScript? > > What I'm looking for would be very much like how Chrome isolates tabs. > Pages from different tabs can't communicate, and if one freezes the whole > browser doesn't lock up. You can either close the frozen tab and/or open > another one. > > I'm not asking you to include this in the core. I'm just trying to figure > out if Node.js works for me in this situation. If there are solutions using > Node.js let me know. If there isn't and Node.js isn't the right fit tell > me. If Node.js doesn't work for me, are there are server V8 projects that > would be more appropriate, like v8cgi, or should I just stick with PHP? > > Also, what kind of applications would you not trust on Node.js? Should > someone like Amazon trust Node to power their shopping cart knowing that > having the one thread fail could prematurely cut off thousands of > in-progress transactions? I'm sure Node.js isn't intended to be the "fit > all" solution for everything. But are there things you would say "you > should never use Node for X, but it would be great for Y"? > > Thank you for your patience :)! > On Sunday, March 4, 2012 8:43:15 PM UTC-5, Luke Scott wrote: > > I'm trying to figure out if Node will work for our platform or not (or > even V8 in general). We're planning a rewrite. We use PHP. We need to allow > users to write server side plugins. For it to be secure in PHP we'd have to > write a "language" using flex/bison to eliminate dynamic function calling > and only allow whitelist functions. I can do this. But users would have to > learn this "new language". Most users, if they have any "web development" > experience, are going to be more familiar with JavaScript. So I'm looking > at V8, and thus I found Node.js. > > Node.js seems very promising. Write the same code on server side and > client side - one language instead of two. JavaScript has an event and > async model built in. Node.js provides a single application instance. > Awesome. > > But what makes Node.js harder to swallow is the single thread. First off - > I get it. No argument from me. You guys won't do a "thread pool"/"fibers", > I understand your reasoning. In most projects this is OK because the > developer has complete control over what code is executed. The code can be > written in an async manner. > > What I'm trying to figure out is what to do when I want users to write > plugins (untrusted code). I only want them to have access to (1) what > V8 vanilla provides and (2) a few classes that provide context sensitive > functions. But with a single thread malicious code goes well beyond what > the user can access - It also includes writing code that blocks. > > As I understand it the only way to ensure a user can't jailbreak or block > the event loop is to run their code in a separate thread, which is > something that won't happen in Node.js. There were some mention of > user-land solutions. But this makes me hesitant because wouldn't a > "user-land" solution be written in JavaScript? > > What I'm looking for would be very much like how Chrome isolates tabs. > Pages from different tabs can't communicate, and if one freezes the whole > browser doesn't lock up. You can either close the frozen tab and/or open > another one. > > I'm not asking you to include this in the core. I'm just trying to figure > out if Node.js works for me in this situation. If there are solutions using > Node.js let me know. If there isn't and Node.js isn't the right fit tell > me. If Node.js doesn't work for me, are there are server V8 projects that > would be more appropriate, like v8cgi, or should I just stick with PHP? > > Also, what kind of applications would you not trust on Node.js? Should > someone like Amazon trust Node to power their shopping cart knowing that > having the one thread fail could prematurely cut off thousands of > in-progress transactions? I'm sure Node.js isn't intended to be the "fit > all" solution for everything. But are there things you would say "you > should never use Node for X, but it would be great for Y"? > > Thank you for your patience :)! > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
