Confirmed users
920
edits
MDN/Archives/Kuma/Scripting: Difference between revisions
→Sandboxed JavaScript execution
LesOrchard (talk | contribs) |
LesOrchard (talk | contribs) |
||
| Line 161: | Line 161: | ||
** No filesystem access at all (chroot?) | ** No filesystem access at all (chroot?) | ||
*** and/or [http://lxc.sourceforge.net/ LXC] | *** and/or [http://lxc.sourceforge.net/ LXC] | ||
** Whitelisted network access (firewall rules?) | ** Whitelisted network access (eg. firewall rules? limit base URLs of services?) | ||
** Limited execution time (kill the process after | ** Limited execution time (eg. kill the process after 30000 msec?) | ||
** Limited memory usage (kill the process after 10MB consumed?) | ** Limited memory usage (eg. kill the process after 10MB consumed?) | ||
** Auto-disable script if abuse detected? | ** Auto-disable script if abuse detected (eg. penalty box for X minutes?) | ||