Menu
I am writing an application which allow users of my application to extend it using Clojure. The Clojure is entered via a web page in the application and "evaled" to run. My question is how can I sandbox this code entered by the users so that it does not corrupt anything or call System.exit or anything like that?
340
There's a library for that. lazybot in the Clojure IRC chanel uses it. You can find it here: https://github.com/flatland/clojail
139
You should be able to constrain access to code by configuring JDK level permissions. Have a look at the RuntimePermission settings, there's for example a direct setting to inhibit halting the JVM (e.g. System.exit).
3
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
