How is the JS code sandboxed?

Question

How is the JS code sandboxed?

spolu opened this issue 2 years ago · 2 comments

Hi! Very nice project.

I was looking at the script.rs code and couldn't quite understand how the JS code is sandboxed. Is the sandboxing coming from the default Deno runtime configuration? What are the guarantees we can assume here?

Thank you!

Answer 1 · 2022-08-22T16:35:12.000Z

Yes, Deno takes care of the sandboxing.
On its homepage, the mission statement includes:

Secure by default. No file, network, or environment access, unless explicitly enabled.

More detailed information can be found on the Permissions page. Those are not (yet?) provided by js-sandbox though.

Answer 2 · 2022-08-22T16:36:40.000Z

Thanks! Very useful!