Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running the Node tasks in a separate subprocess or sandbox #6

Open
egoist opened this issue May 31, 2018 · 4 comments · May be fixed by #42
Open

Running the Node tasks in a separate subprocess or sandbox #6

egoist opened this issue May 31, 2018 · 4 comments · May be fixed by #42
Labels
💬discussion

Comments

@egoist
Copy link
Owner

egoist commented May 31, 2018

Thanks for the comment on HN https://news.ycombinator.com/item?id=17196329
@egoist egoist added 💪enhancement New feature or request 😍good first issue Good for newcomers labels May 31, 2018
@egoist
Copy link
Owner Author

egoist commented Jun 1, 2018
edited

In terms of security, I think require-from-string isn't that bad since the code it runs isn't untrusted code, the code is written by you or the one the trust 😅

The extra features that it might bring us by running the code in a sandbox:

  • proper sourcemap?
  • ?

@egoist egoist added 💬discussion and removed 💪enhancement New feature or request 😍good first issue Good for newcomers labels Jun 1, 2018
@egoist egoist changed the title Running the Node tasks in a separate subprocess Running the Node tasks in a separate subprocess or sandbox Jun 1, 2018
@tunnckoCore
Copy link
Contributor

I think it's good and enough too.

But probably could be replaced with simply

const vm = require('vm');

vm.runInNewContext(`
  var util = require('util');
  if (Boolean(util)) {
   console.log(123);
  }
  console.log(util.isBoolean(true));
`, {
  require: require,
  console: console
});

@tunnckoCore tunnckoCore mentioned this issue Jun 6, 2018
Open
@tunnckoCore
Copy link
Contributor

Actually microcule is cool. But pretty pretty big in terms of number of deps. And probably too much for here. But is good, because support tons of "languages".

@tunnckoCore tunnckoCore linked a pull request Jun 6, 2018 that will close this issue
Open
@Marak
Copy link

Marak commented Jun 7, 2018

@olstenlarck -

I'm the main developer on microcule.

I agree it's current configuration in main branch is a bit heavy in terms of dependencies, but this is mostly due to some legacy requirements from it's enterprise usage.

We've discussed the idea on our end before of creating a dependency like microcule-spawn in order to separate our concerns and streamline microcule project itself.

Let me know if you have any questions or ideas about this. It would be relatively easy to create a brand new module to support spawning multiple languages binaries like python or php, but it can get start to get difficult when dealing with many languages ( both dynamic and static ).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
💬discussion
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

implement sandboxing for js tasks tunnckoCore/maid
3 participants
@Marak @tunnckoCore @egoist