mattwparas
commented
2 months ago Looks like I've got some bitrot there - will take a look
Open jgeraerts opened 2 months ago
mattwparas
commented
2 months ago Looks like I've got some bitrot there - will take a look
mattwparas
commented
2 months ago Okay, taking a look at this now - besides the obvious that it doesn't work, I just wanted to ask what you were hoping the sandboxed engine would do? I haven't spent a great deal of time hardening the sandbox explicitly, but I can easily disallow access to certain APIs and enable easy interruption.
However, it would be trivial for someone to simply allocate an incredibly large list - there are currently no guard rails for that. If you're interested in something like that, I can start plumbing through protections for that kind of thing and start making headway
jgeraerts
commented
2 months ago I was looking to use it as a prototype - dsl around datafusion oriented code. So ideally I could register custom functions and only allow control-flow constructs, basic math etc etc. But you don't need to bother with it for me specifically. I just wanted to report it so you were aware.
mattwparas
commented
2 months ago Got it - so I'll follow up with some fixes here and an example of how you can achieve that soon (hoping either this evening or tomorrow evening)
If you ever post the data fusion code publicly, let me know! I'm also interested in steel wrapping data fusion in some way
I was trying to toy around with steel in a prototype I'm doing. Especially the sandboxed environment looked nice to me but it errors out when constructing.
A failing test demonstrating the issue: