Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Bullet-proof groovy script embedding

I'm working on a server app that may be extended by user-supplied Groovy scripts. It's evident that I want to make sure these scripts run in a very tight sandbox where they cannot disrupt the core application code or consume too much resources to overload the server.

I have studied various possibilities and the final solution may be a combination of these:

  • Run the script within a very restricted security manager. The script is run within a no permission SecurityManager. Additional permissions have to be declared (like Android).

  • Launch a new JVM. Create a ScriptProcess wrapper around Runtime.exec and spawning a new JVM with a security manager, limited heap, etc. Because we launch a full-blown process, we might get more control on monitor bad behaving ones? The cost in resource would be dire though... An alternative would be to use Ant here, but would it be scalable?

  • Java Monitor API In Java 6 there is a package with monitoring capacity. We could monitor threads and maybe detect infinite loops and memory consumption. Anyone used this?

These are what I have in mind today. What would be the best way to make sure these scripts behave correctly and still keep a certain scalability and performance?

like image 381
Joel Grenon Avatar asked Jun 02 '11 03:06

Joel Grenon


People also ask

What does [:] mean in Groovy?

[:] creates an empty Map. The colon is there to distinguish it from [] , which creates an empty List. This groovy code: def foo = [:]

What is def in Groovy script?

The def keyword is used to define an untyped variable or a function in Groovy, as it is an optionally-typed language.

How do I verify Groovy script?

Check the version of Groovy in a projectIn the Project Structure dialog, under Platform Settings, select Global Libraries. If you need to check what Groovy SDK version is used in a module, select Modules, the module's name and click the Dependencies tab.


2 Answers

An additional possibility is using Groovy 1.8 compilation customizers on the GroovyShell that runs the embedded scripts. You can pre-import classes and methods, restrict use of the Groovy AST, and pre-apply an AST transformation, such as @ThreadInterrupt, @TimedInterrupt, or @ConditionalInterrupt. Details at:

http://www.jroller.com/melix/entry/customizing_groovy_compilation_process

like image 185
Vorg van Geir Avatar answered Sep 25 '22 23:09

Vorg van Geir


You should have a look at the project groovy-sandbox from kohsuke. Have also a look to his blog post here on this topic and what is solution is addressing: sandboxing, but performance drawback.

like image 22
msauvee Avatar answered Sep 22 '22 23:09

msauvee