gluon-lang / gluon

A static, type inferred and embeddable language written in Rust.
https://gluon-lang.org
MIT License

Sandboxing by disallowing file/network access? #937

Open Boscop opened 1 year ago

Boscop commented 1 year ago

Is it possible to disallow file/network access for sandboxing purposes? :)

The only way to interface with the outside world should be through the FFI that the host provides.

(Related to my use case https://github.com/gluon-lang/gluon/issues/936)


Bonus question: How can I capture stdout/stderr output so that I can send it over the network? (E.g. as two std channels that receive each line as it gets printed, or (if that's not possible) two Strings that contain the accumulated output at the end.)

Marwes commented 1 year ago

> Is it possible to disallow file/network access for sandboxing purposes? :)

See https://github.com/gluon-lang/gluon/issues/921 (disabling IO should disable any side effects, though there may be bugs of course)

If you want to provide a specific list of IO functions that are allowed, that is not directly possible. It ought to be possible to encode in the effect system, but that hasn't been exposed outside of the standard library (would need more work).

> How can I capture stdout/stderr output so that I can send it over the network?

I'd define external stderr/stdout write functions and provide them to the environment and handle the capturing myself in those. The standard library does not provide any sort of capture.
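A sketch of the host-side capture described in the last reply, added here as an example; it is not code from this thread or from the gluon project. `LineSink`, `write` and `flush` are hypothetical names, the code uses only the Rust standard library, and exposing `write` to scripts as an external function is left out.

```rust
use std::sync::mpsc::{channel, Receiver, Sender};
use std::sync::Mutex;

/// Hypothetical host-side sink: buffers partial writes from a script and
/// forwards each complete line over a std channel as soon as it is printed.
pub struct LineSink {
    inner: Mutex<(String, Sender<String>)>,
}

impl LineSink {
    pub fn new() -> (LineSink, Receiver<String>) {
        let (tx, rx) = channel();
        (LineSink { inner: Mutex::new((String::new(), tx)) }, rx)
    }

    /// Body of the external write function the host would expose
    /// (one sink for stdout, a second one for stderr).
    pub fn write(&self, chunk: &str) {
        let mut guard = self.inner.lock().unwrap();
        let (buf, tx) = &mut *guard;
        buf.push_str(chunk);
        while let Some(pos) = buf.find('\n') {
            let line: String = buf.drain(..=pos).collect();
            // If the receiver is gone (peer disconnected), drop the output
            // instead of panicking inside the script's call.
            let _ = tx.send(line.trim_end_matches(&['\r', '\n'][..]).to_string());
        }
    }

    /// Emit trailing text that was never newline-terminated.
    pub fn flush(&self) {
        let mut guard = self.inner.lock().unwrap();
        let (buf, tx) = &mut *guard;
        if !buf.is_empty() {
            let _ = tx.send(std::mem::take(buf));
        }
    }
}

/// Constructed sample: chunks as a script's print calls might deliver them.
pub fn demo() -> (Vec<String>, Vec<String>) {
    let (out, out_rx) = LineSink::new();
    let (err, err_rx) = LineSink::new();
    out.write("hello ");
    out.write("world\nsecond");
    err.write("warn: x\r\n");
    out.flush();
    err.flush();
    drop((out, err)); // close the senders so the receiver iterators end
    (out_rx.iter().collect(), err_rx.iter().collect())
}

fn main() {
    println!("{:?}", demo());
}
```

In a real host the two receivers would be drained by the thread that owns the network connection, so the script never touches a socket itself.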