mirror of https://github.com/svaarala/duktape.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20 lines
793 B
20 lines
793 B
<h1 id="sandboxing">Sandboxing</h1>
|
|
|
|
<p>Sandboxed environments allow execution of untrusted code with two broad
|
|
goals in mind:</p>
|
|
<ul>
|
|
<li>Security: prevent untrusted code from doing unsafe operations such as
|
|
accessing memory directly, causing segfaults, etc.</li>
|
|
<li>Availability: prevent untrusted code from hogging resources, e.g.
|
|
consuming all available memory or entering an infinite loop.</li>
|
|
</ul>
|
|
|
|
<p>Duktape provides mechanisms to achieve these goals for untrusted Ecmascript
|
|
code. All C code is expected to be trusted.
|
|
See
|
|
<a href="https://github.com/svaarala/duktape/blob/master/doc/sandboxing.rst">sandboxing.rst</a>
|
|
for a detailed discussion of how to implement sandboxing.</p>
|
|
|
|
<div class="note">
|
|
Sandboxing support in Duktape 1.3 is still a work in progress.
|
|
</div>
|
|
|