How to create a secured sandbox for javascript to run? #303
-
|
Hi,
I want to create a "guest app runtime", which allows my host app to run any javascript written apps in their separate secured sandbox, guest apps will not aware of each other as well as my host app. My host app will have full control of guest apps. Can anyone please give me some basic ideas? Thank you very much. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hi @nextfool, You can run scripts in separate script engine instances to keep them unaware of each other. However, buggy, malicious, or resource-starved scripts could still crash the process and take down your host. If you must run untrusted scripts safely, the best way is to run them in separate processes a-la Chromium. That way you could use the capabilities of your operating system to limit resource usage and recover from process crashes. Good luck! |
Beta Was this translation helpful? Give feedback.
Hi @nextfool,
You can run scripts in separate script engine instances to keep them unaware of each other. However, buggy, malicious, or resource-starved scripts could still crash the process and take down your host.
If you must run untrusted scripts safely, the best way is to run them in separate processes a-la Chromium. That way you could use the capabilities of your operating system to limit resource usage and recover from process crashes.
Good luck!