Right now I'm working on a sandbox library for node.js. I'd most likely be
using vm.runInNewContext to prevent any unwanted methods (eg process.kill)
from becoming accessible, and the untrusted code would run in a different
I'm looking into the possibility of enabling code to call a wrapped
'require()' for loading a restricted set of modules (eg 'crypto' or
'util'), or even exposing wrapped versions of 'net' or 'fs' that restrict
their use to certain paths/addresses. This is mainly for performance
reasons, otherwise I'd do I/O in the main process.
I'm a bit concerned that somehow, 'process.binding()' is going to become
accessible to the untrusted code if I expose a module to it. Is this an
irrational concern, or would it be more secure to wrap process.binding in
the global scope of my sandbox before running the untrusted code?
Job Board: http://jobs.nodejs.org/
Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to firstname.lastname@example.org
To unsubscribe from this group, send email to
For more options, visit this group at