← Back to context

Comment by MobiusHorizons

1 day ago

This is generally the purpose of JavaScript execution environments like v8 or jsc (or quickjs although I understand not trusting that as a sandbox to the same degree). They are specifically intended for executing untrusted scripts (eg web browsers). Web assembly’s sandboxing comes from js sandboxing, since it was originally a feature of the same programs for the same reasons. Wrapping one sandbox in another is what I’m surprised by.

5 comments

MobiusHorizons

Reply
simonw  1 day ago

Running v8 itself as a sandbox is non-trivial, at least embedded in a Python or Node.js or similar application.

The web is littered with libraries that half do that and then have a note in the README that says "do not rely on this as a secure sandbox".

  • MobiusHorizons  21 hours ago

    Is it though? I have not personally used these libraries, but a cursory google search reveals several options: - cloudflare/STPyV8: [0] From cloudflare, intended for executing untrusted code. - Pythonmonkey: [1] Embeds spidermonkey. Not clearly security focused, but sandboxing untrusted code is literally the point of browser js engines.

    It's a little less clear how you would do this from node, but the v8 embedding instructions should work https://v8.dev/docs/embed even if nodejs is already a copy of v8.

    [0]: https://github.com/cloudflare/stpyv8 [1]: https://docs.pythonmonkey.io

    • simonw  21 hours ago

      ... whoa, I don't know how I missed it but I hadn't seen STPyV8 before.

      I'd seen PyV8 and ruled it out as very unmaintained.

      One of my requirements for a sandbox is that it needs to me maintained by a team of professionals who are running a multi-million dollar business on it. Cloudflare certainly count! I wonder what they use STPyV8 for themselves?

      ... on closer inspection it doesn't seem to have the feature I care most about: the ability to constrain memory usage (see comment here https://github.com/cloudflare/stpyv8/blob/57e881c7fbe178c598...) - and there's no built-in support for time limits either, you have to cancel tasks from a separate thread: https://github.com/cloudflare/stpyv8/issues/112

      PythonMonkey looks promising too: the documentation says "MVP as of September 2024" so clearly it's intended to be stable for production use at this point.

      2 replies →