sandboxjs
Run untrusted javascript code in a pool of worker processes.
Key Features
- Runs code on in a new process with memory and runtime isolation.
- Based on generic-pool so that workers can be re-used.
- Supports POSIX setrlimit to use OS enforcement of resource limits.
- Supports POSIX chroot operate in a
chroot
jail. - Supports running under different user id via
setuid
. - Supports running under different group id via
setgid
.
Note: The isolation guarantees provided by this module are likely not sufficient for running untrusted code in a multi-tenant environment. For a complete, scalable solution, please consider https://webtask.io.
Installation
npm install --save pooled-sandbox
Running tests
npm test
Usage
var Pool = ;var Code = ; var expect = Codeexect;var pool = ;var args = 1 2; pool; { ;}
API
TODO
Contributing
Just clone the repo, run npm install
and then hack away.
License
MIT