Re: sandbox module in gjs



Personally I'm not so interested in security, but to have access to
the global variable. Either we could have it like Seed's sandbox,
which is empty and you need to add stuff to the global object manually
or with ctx.add_globals(). Or perhaps just let evalcx() use the passed
global object as it is, without adding any native or g-i modules to
it, and then you would manually add any globals you want to expose
(like imports, print, etc.).

But I like the evalcx() approach more as it takes just a code string
and an ordinary object as argument, instead of having to create a
special sandbox-context object.

/Jonatan

On Fri, Aug 13, 2010 at 3:49 PM, Havoc Pennington <hp pobox com> wrote:
> If coding this, a question is how secure you want it to be; to be an
> actual secure sandbox at least a couple things to do would be to
> prohibit any use of native or gobject-introspection modules, and
> implement the "stop a runaway script using too much CPU" callback, I
> forget what SpiderMonkey calls it.
>
> Havoc
>
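
An added sketch, not code from this thread or from gjs, of the two ideas discussed above: an evalcx(code, object) call that uses the passed object as the whole global scope, and a CPU limit for runaway scripts. It uses Node.js's `vm` module as a stand-in for the gjs/SpiderMonkey context API; the `evalcx` signature, `timeoutMs` and `runSamples` are assumptions made for illustration.

```javascript
const vm = require('node:vm');

// Hypothetical evalcx(code, globals): run `code` with `globals` as its entire
// global object. Nothing is added implicitly (no imports, no print, no native
// modules); the caller exposes each name by putting it on the object.
function evalcx(code, globals = Object.create(null), { timeoutMs = 50 } = {}) {
  const context = vm.createContext(globals);
  // `timeout` stands in for the "stop a runaway script" callback: the engine
  // interrupts the script and throws once the time budget is spent.
  return vm.runInContext(code, context, { timeout: timeoutMs });
}

function runSamples() {
  const results = {};

  // 1. Empty global object: host names are simply not there.
  results.emptyGlobal = evalcx(
    '[typeof require, typeof process, typeof print].join(",")');

  // 2. The caller exposes exactly one function, print, and nothing else.
  const lines = [];
  const globals = Object.create(null);
  globals.print = (s) => { lines.push(String(s)); };
  evalcx('print("hello from sandbox"); var answer = 6 * 7;', globals);
  results.printed = lines;
  // Globals defined by the script land on the ordinary object that was passed.
  results.answer = globals.answer;

  // 3. A script that never returns is cut off instead of hanging the host.
  try {
    evalcx('for (;;) {}', Object.create(null), { timeoutMs: 20 });
    results.runaway = 'finished';
  } catch (err) {
    results.runaway = err.code;
  }
  return results;
}

console.log(runSamples());
```

Node's documentation states that `vm` is not a security mechanism, so this shows the API shape and the two controls rather than a hardened sandbox.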

