Is this possible to disable some features in npm?
Question
I would like to execute a user input js to my node js server for execution. But I am afraid that the user may do something bad, for example, remove all the files in my server or write a lots of files in my server.
In order to avoid this, I would like to disable all the read/write operation in that node js server. Is this possible to do so? If yes, please advise.
1 answers
solution1
0 2017-01-19 16:03:13
To run that script use either:
- containers
- zones
- jails
- VMs
depending on what your OS supports.
This is basically what CI services like Travis do. They run my untrusted code, they even let me use npm to install modules, and then they destroy the container and no harm is done. It's like every time I would get a new freshly reinstalled OS.
Never run any untrusted code, even as an unprivileged user.
For possible solutions to your problem see:
- https://www.freebsd.org/doc/handbook/jails.html
- https://wiki.smartos.org/display/DOC/Zones
- https://www.docker.com/
- https://www.vagrantup.com/
- https://linuxcontainers.org/
- https://illumos.org/man/5/zones
- http://www.linux-kvm.org/page/Main_Page
- https://wiki.openindiana.org/oi/7.1+Zones
- http://man.openbsd.org/cgi-bin/man.cgi?query=chroot
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.