Closed rahmanusta closed 1 year ago
I think you could use either a security manager (which would allow you to block everything you need) or specifically for graal implement a file system class that filters all disk IO.
http://www.graalvm.org/sdk/javadoc/org/graalvm/polyglot/io/FileSystem.html
Does GraalVM supports all standard permissions here https://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html for languages in GraalVM such as ruby, js, R ?
For all the Truffle-based languages (Graal.js, GraalPy, TruffleRuby, FastR, etc.) we have our own Context
API that allows that kind of restrictions. See the JavaDoc at https://www.graalvm.org/truffle/javadoc/org/graalvm/polyglot/Context.Builder.html
Christian
In GraalVM, is it possible to block users from accessing file and network APIs for all languages ? Is there a way to configure it? How can I run GraalVM in safe mode?
Thanks Rahman