How is the JS code sandboxed?
spolu opened this issue · 2 comments
spolu commented
Hi! Very nice project.
I was looking at the script.rs code and couldn't quite understand how the JS code is sandboxed. Is the sandboxing coming from the default Deno runtime configuration? What are the guarantees we can assume here?
Thank you!
Bromeon commented
Yes, Deno takes care of the sandboxing.
On its homepage, the mission statement includes:
- Secure by default. No file, network, or environment access, unless explicitly enabled.
More detailed information can be found on the Permissions page. Those are not (yet?) provided by js-sandbox though.
spolu commented
Thanks! Very useful!