4

According to the node.js vm module docs:

Note that running untrusted code is a tricky business requiring great care. To prevent accidental global variable leakage, vm.runInNewContext is quite useful, but safely running untrusted code requires a separate process.

If I want to build an untrusted code runner (for example, an online node.js console), this would be my natural approach:

  1. Each session of untrusted code would spawn a new process using the child_process module, which could be killed after a certain amount of time
  2. The child process would use runInNewContext to run the code

Would this be a safe approach? What would I have to watch out for?

Nathan MacInnes
  • 11,033
  • 4
  • 35
  • 50
  • `global variable leakage` means you can retrieve global variable. I think the sandboxed code can still reach global vars but any modification/addition would stay in the sandbox. – naab Apr 15 '14 at 11:19
  • Hmmm... that doesn't sound particularly dangerous, unless the website owner has done something silly like `global.fs = require('fs')`. The only dangers I've been able to think of involve infinite loops/recursion. – Nathan MacInnes Apr 15 '14 at 12:05
  • Does this answer your question? [How to run untrusted code serverside?](https://stackoverflow.com/questions/10937870/how-to-run-untrusted-code-serverside) – Jerska Mar 27 '20 at 10:33

0 Answers0