Comments (11)
I'm mainly interested in laying some groundwork for a more granular permission model so that it could maybe later be also exposed in janet's cli.
I'm mainly inspired by deno's permission model and think that janet's good fit for scripting could benefit from that.
from janet.
Sandboxing is a task that should be done by the operating system.
from janet.
I think this is the kind of thing that's best written as an external tool. You could write such a tool in janet and C.
However, I already have firejail and apparmor for that. I don't want to reinvent wheels.
from janet.
My assessment is that this is best done as an external janet library that sandboxes a janet function....
Or, it goes into spork... I don't know whether it's possible to sandbox janet.... from within...
from janet.
At least some of what is proposed seems like reasonable extensions to the existing sandbox function.
On a side note, as an example of a concrete use case, the sandbox feature was already put to good use by @AlecTroemel in the Janet support for TIC-80 to improve the security situation. See this PR if interested.
from janet.
Janet's own sandboxing should not conflict with external sandboxing by things like firejail, SELinux, and apparmor.
If janet does its own sandboxing, I want to impose more restrictions through firejail and apparmor.
from janet.
I'm worried that granular internal sandboxing will make janet bloated....
from janet.
A whitelisting approach will force janet to carry lists of common whitelisted paths. Apparmor and firejail carry such lists.
Even apparmor can't block outgoing network connections by hostname. I don't know whether SELinux can do that.
Apparmor can allow unix domain sockets by paths. It can't allow network connections by IP addresses or hosts.
from janet.
I'm mainly interested in laying some groundwork for a more granular permission model so that it could maybe later be also exposed in janet's cli.
If you want this to be configured in command line options, then you should probably just use firejail or apparmor....
If janet ever does this, only a sandboxing API makes sense. Landlock is the Linux sandboxing API.
You really don't want to specify granular permissions on command line unless command line options are constructed programmatically. You want something like a firejail/apparmor profile for granular permissions.
from janet.
allow specifying a list of allowed hosts for networking connections during sandboxing (subdomains might be allowed or not based on input)
That's the job of a firewall. Even SELinux doesn't block outgoing network connections by hosts or IP addresses.
from janet.
allow limiting file access by capability (read, read/write etc.)
This is what apparmor does with profiles..... I really don't want to write verbose permissions on command line.....
from janet.
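The two quoted proposals above (an allowlist of hosts with optional subdomain matching, and per-path read versus read/write capabilities) are the kind of check that, as several replies note, an OS profile cannot express by hostname and so has to live inside the runtime if it lives anywhere. The following is an added illustration of such a policy as a small, self-contained Python module; it is example code written for this discussion, not Janet's `sandbox` function or any code from the Janet project. The `Policy`, `HostRule`, `guarded_open` names and the `/srv/app/...` roots are assumptions constructed for the example.

```python
import os
from dataclasses import dataclass, field


class PermissionDenied(Exception):
    """Raised when a guarded operation falls outside the policy."""


def _inside(root: str, path: str) -> bool:
    """True if `path` is `root` itself or lies beneath it (both canonical)."""
    try:
        return os.path.commonpath([root, path]) == root
    except ValueError:
        # Mixed absolute/relative paths (or different drives) never match.
        return False


@dataclass(frozen=True)
class HostRule:
    """One allowlist entry: an exact host, optionally covering its subdomains."""
    host: str
    allow_subdomains: bool = False

    def matches(self, candidate: str) -> bool:
        cand = candidate.strip().lower().rstrip(".")
        base = self.host.strip().lower().rstrip(".")
        if cand == base:
            return True
        # Suffix match on a label boundary: "notexample.com" must not match
        # "example.com", and "example.com.evil.test" must be rejected too.
        return self.allow_subdomains and cand.endswith("." + base)


@dataclass
class Policy:
    """Hypothetical granular permission model (example, not Janet's API)."""
    hosts: list = field(default_factory=list)
    read_only_roots: list = field(default_factory=list)
    read_write_roots: list = field(default_factory=list)

    def __post_init__(self) -> None:
        # Canonicalise roots once so they compare against realpath'd requests.
        self.read_only_roots = [os.path.realpath(p) for p in self.read_only_roots]
        self.read_write_roots = [os.path.realpath(p) for p in self.read_write_roots]

    def check_host(self, host: str) -> bool:
        return any(rule.matches(host) for rule in self.hosts)

    def check_path(self, path: str, mode: str) -> bool:
        if mode not in ("read", "write"):
            raise ValueError("mode must be 'read' or 'write'")
        # realpath collapses ".." and follows symlinks, so traversal out of a
        # root is decided on the resolved target, not the requested string.
        resolved = os.path.realpath(path)
        if mode == "write":
            roots = self.read_write_roots
        else:
            roots = self.read_only_roots + self.read_write_roots
        return any(_inside(root, resolved) for root in roots)

    def guarded_open(self, path: str, mode: str = "r"):
        """open() wrapper that enforces the file capability before touching disk."""
        want = "write" if any(c in mode for c in "wa+x") else "read"
        if not self.check_path(path, want):
            raise PermissionDenied(f"{want} access to {path!r} denied by policy")
        return open(path, mode)


def example_policy() -> Policy:
    """Constructed sample policy: one wildcard host, one exact host, two roots."""
    return Policy(
        hosts=[HostRule("example.com", allow_subdomains=True),
               HostRule("static.cdn.test")],
        read_only_roots=["/srv/app/data"],
        read_write_roots=["/srv/app/scratch"],
    )


if __name__ == "__main__":
    policy = example_policy()
    for host in ("api.example.com", "notexample.com", "sub.static.cdn.test"):
        print(f"connect {host}: {'allow' if policy.check_host(host) else 'deny'}")
    for path, mode in (("/srv/app/data/report.txt", "write"),
                       ("/srv/app/data/../secrets/key", "read")):
        print(f"{mode} {path}: {'allow' if policy.check_path(path, mode) else 'deny'}")
```

The host check deliberately matches on a label boundary rather than a bare substring, and the path check compares canonical paths so that `..` segments and symlinks are judged by where they actually resolve; both are the details that make an in-process allowlist worth having alongside, not instead of, an external profile such as apparmor or firejail.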