Allowing the user a sandboxed version of a programming language

Note: I'd appreciate some tag suggestions for this one.

I'd like to provide my users with a method of programmatically manipulating data on the server. This would be done by using an in-browser code editor, with the code executed at a later date, not dissimilar to the manner https://www.onx.ms employs.

I'd like to avoid writing a DSL (a barrier to adoption?), and would prefer the language that the user writes to be either JavaScript or Ruby based.

My obvious concern is security. I understand the perils of allowing user generated code to run server-side, but what steps can I take to eliminate the risk?

Do sites like http://railsforzombies.com actually use irb, or is it far simpler than that?

Nick asked Jun 12 '12 07:06


2 Answers

Would you consider Java (or other JVM languages such as JRuby, Scala, Clojure etc.)? If so, there is a wealth of power in the JVM to restrict the privileges of a sandboxed app. See this other question for details: How do I create a Java sandbox?

Alex Wilson answered Nov 05 '22 23:11


Google Caja lets you safely embed user-specified Javascript in your website, but I think it might be aimed at running the code in the user's browser rather than on your server. I haven't used it myself.

I don't know if there are ready-made solutions for other languages, but I think a custom solution would involve recompiling the interpreter yourself after removing all API libraries that allow the user to write to disk, open network connections, fork processes/threads, and do any other dangerous or denial-of-service operation. Whitelisting "safe" libraries is the only approach that could work for that.

It would be safer if you had separate virtual servers for individual users.

Leo answered Nov 05 '22 22:11