Open Kezii opened 3 years ago
Yeah, I'd eventually like to re-add built in sandboxing support.
Aside from currently not protecting against time/memory overuse, rink does have a few design goals/non-goals that help with security:
If you run rink in a child process with restrictions on execution time and memory usage, it should be safe against malicious input. If there's any reason it's not, I'll consider that a security bug and fix it.
I'm exposing rink over the internet to untrusted users, regarding #88, but in general, is in an objective for rink to become resilient against attacks in the future, or should I avoid doing this?