Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sandboxing #43

Closed
VeNoMouS opened this issue Apr 10, 2019 · 2 comments
Closed

sandboxing #43

VeNoMouS opened this issue Apr 10, 2019 · 2 comments

Comments

@VeNoMouS
Copy link

From what I can see you are not sandbox'ing duktape at all... is this correct?
@amol-
Copy link
Owner

amol- commented Apr 11, 2019

Depends on your definition of sandboxing. Each Interpreter has its own heap. But yeah, dukpy is certainly not meant to run unverified code coming from unknown locations. Only trusted code.

@amol-
Copy link
Owner

amol- commented Jun 3, 2022

Given that dukpy only has access to functions and variables you explicitly provide and there is no default support for network, disk or system calls, I think that excluding bugs dukpy should satisfy a definition of sandboxing.

@amol- amol- closed this as not planned Won't fix, can't repro, duplicate, stale Jun 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@VeNoMouS @amol-