Hi, Right now I'm working on a sandbox library for node.js. I'd most likely be using vm.runInNewContext to prevent any unwanted methods (eg process.kill) from becoming accessible, and the untrusted code would run in a different node process.
I'm looking into the possibility of enabling code to call a wrapped 'require()' for loading a restricted set of modules (eg 'crypto' or 'util'), or even exposing wrapped versions of 'net' or 'fs' that restrict their use to certain paths/addresses. This is mainly for performance reasons, otherwise I'd do I/O in the main process. I'm a bit concerned that somehow, 'process.binding()' is going to become accessible to the untrusted code if I expose a module to it. Is this an irrational concern, or would it be more secure to wrap process.binding in the global scope of my sandbox before running the untrusted code? Thanks again!
