You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Consider this a question...
How can I implement dependencies and how can I make sure this doesn't open new vulnerabilities?
For example I have some custom Javascript classes and I want to use them during the evaluation of my code. Just to give an example of what it could look like:
@Wilt evel.js is more of an experiment / challenge - not used as a security measure in production anywhere.
If you have a real situation where you need to run untrusted code that interfaces with trusted code, I would keep them in separate sandboxes and have them interact via an RPC interface.
Yeah, like @kumavis explained this would be out of scope. If no further bypass is found, evel is still just a low level tool that one could cautiously use to carefully build something bigger around.
Consider this a question...
How can I implement dependencies and how can I make sure this doesn't open new vulnerabilities?
For example I have some custom Javascript classes and I want to use them during the evaluation of my
code
. Just to give an example of what it could look like:So prototype etc. should be available...
The text was updated successfully, but these errors were encountered: