pooled-sandbox

Run untrusted javascript code in a pool of worker processes.

Usage no npm install needed!

<script type="module">
  import pooledSandbox from 'https://cdn.skypack.dev/pooled-sandbox';
</script>

README

sandboxjs

Run untrusted javascript code in a pool of worker processes.

Key Features

  • Runs code on in a new process with memory and runtime isolation.
  • Based on generic-pool so that workers can be re-used.
  • Supports POSIX setrlimit to use OS enforcement of resource limits.
  • Supports POSIX chroot operate in a chroot jail.
  • Supports running under different user id via setuid.
  • Supports running under different group id via setgid.

Note: The isolation guarantees provided by this module are likely not sufficient for running untrusted code in a multi-tenant environment. For a complete, scalable solution, please consider https://webtask.io.**

Installation

npm install --save pooled-sandbox

Running tests

npm test

Usage

var Pool = require('../');
var Code = require('code');


var expect = Code.exect;
var pool = new Pool();
var args = [1, 2];


pool.run({ code: userCode, args: args}, function (err, response) {
    expect(err).to.be.null();
    expect(response.data).to.be.an.array();
    expect(response.data).to.deep.equal(args);
    
    console.log('Response', response.data);
    console.log('stdout', response.stdio.stdout);
    console.log('stderr', response.stdio.stderr);
});

function userCode(arg1, arg2, cb) {
    cb(null, arg1, arg2);
}

API

TODO

Contributing

Just clone the repo, run npm install and then hack away.

License

MIT