Is untrusted code execution a goal of the project? #4303
Comments
|
I'm not on the Deno team but my impression is that it is supposed to be a proper sandbox for running untrusted code. If not the team should definitely update their description of Deno! #3401 has been marked as a bug by the team which indicates they have the right idea but need time to execute. Personally I'm happy to give them the time and I am grateful that so far 1.0 has not been pushed out with known safety problems. I also intend to use it as a sandbox, which is why I created this project that you might be interested in: https://github.com/teleclimber/deno-sandbox-tests (Note it currently suffers from a bug that causes false positives: teleclimber/deno-sandbox-tests#8) |
|
Cool project. I see #3401 is not only a bug, but also marked as a 1.0 blocker, which makes me hopeful. Will continue there. |
The manual reads like it is, and there is
--allow-readand such, but then there's #3401, which makes me think.Also, the entire process uses a single v8 isolate, so I guess a separate
denoprocess would have to be launched? And then stdout/stderr parsed to get errors etc.?Context
I'm currently executing untrusted code just fine using C++/V8 directly, but I would like to add access to network:
... while not exposing any more of the local machine.
Can Deno be a solution for this without adding a ton of new attack surface?
The text was updated successfully, but these errors were encountered: