Node.JS我可以对功能进行访问的沙盒或限制它吗?
[英]Node.JS Can I sandbox or limit what a Function can access?
问题描述
I have a Node.JS instance that dynamically inserts Javascript snippets to be executed from a Database where they are stored as strings. 
我有一个Node.JS实例,它可以动态插入要从数据库中执行的Java代码片段,并将它们存储为字符串。 My problem is that I need to be able to Sandbox the executed Javascript from getting access to anything that can compromise the actual running Node.JS instance, the Database, or other Javascript being executed. 我的问题是,我需要能够对已执行的Java脚本进行沙箱访问,以访问可能损害实际运行的Node.JS实例,数据库或正在执行的其他Java脚本的任何内容。
Is there a way to that I can do this without actually running a separate Instance of Node for each process? 有没有一种方法可以做到这一点,而无需为每个进程实际运行单独的Node实例?
Basically need to put in place security to make sure no rogue javascript is ran 基本上需要设置安全性,以确保没有运行恶意javascript
1 个解决方案
解决方案1
0 已采纳 2013-05-24 22:46:17
Looks like this might be what you're looking for. 看起来这可能就是您想要的。
npm install sandbox
However, it hasn't been updated in over a year. 但是,一年多来没有更新。 So you might be better off using child_process.fork() as described in this posting . 因此,最好使用本发布中所述的child_process.fork() 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.