Sandboxing/running semi-trusted or untrusted code

[alexec]

I'd like to understand if it is OK to use Otto to run semi-trusted or untrusted code?

• semi-trusted the author of the code is motivated not to write malicious code, but may accidentally do so
• untrusted the author of the code may intentionally write malicious code
• malicious code the code intentionally attempt to escape the sandbox, e.g. by consuming too much CPU, memory, disk, or net

[Asday]

Otto is just a JavaScript interpreter. There's nothing sandboxy (or counter-sandboxy) about it in particular.

Note that hardening a system that runs arbitrary code is incredibly difficult, and guarantees can never really be made. Check out docker, for instance. There's always some horrific vulnerability in that fresh in everyone's memory, and it's written and maintained by many thousands of people very good at this.

Instead of running arbitrary code handed to you by your users, consider whether you should be handing them a loaded gun in the first place.

[alexec]

Thats' what I expected, thank you!