Return Styles: Pseud0ch, Terminal, Valhalla, NES, Geocities, Blue Moon. Entire thread

Sandboxing Untrusted Code

Name: Anonymous 2012-06-15 22:45

Been searching and trying out stuff to run untrusted javascript (or any kind of language that has similar features) in a linux server to do some kind of codebin or ideone.
The only input is the code and the only output is text.
I've tried the sandbox module for node.js, but it's so fucking slow. A basic script with some console.log and a JSON.parse takes like ten times more inside the sandbox object than outside.
So, any thoughts about running untrusted code like this?

Name: Anonymous 2012-06-15 22:56

just do nc -e /bin/sh -l -p 8000 and the problem will just take care of itself

Name: Anonymous 2012-06-15 23:05

>>2
the name of the executable goes at the end ?

Name: Anonymous 2012-06-15 23:06

>>3
Nope, the name of the executable is dynamically inferred in this case, you don't need to do any extra work.

Enjoy your sandbox!

you could just remove the net, fs, etc. requireJS modules and run node natively in a timeboxed chroot
Newer Posts
Don't change these.
Name: Email:
Entire Thread Thread List
All trademarks and copyrights on this site are owned by their respective parties. All comments and posts are the responsibility of their own posters.
- Tinychan + 2ch Mode -