couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Smith <...@iriscouch.com>
Subject Re: Branch to switch from SpiderMonkey to Node.js
Date Thu, 31 Jan 2013 15:41:21 GMT
On Thu, Jan 31, 2013 at 3:24 PM, Jan Lehnardt <jan@apache.org> wrote:

>
> On Jan 31, 2013, at 16:20 , Robert Newson <rnewson@apache.org> wrote:
>
> > Part of the difficulty in asserting the correctness of the sandbox is
> > that important tests like "cannot read file", "cannot write file",
> > "cannot open socket" cannot be written against SpiderMonkey (or,
> > presumably, V8) as they simply don't provide those features. Node
> > does, and that's the principal advantage of it over V8 as I understand
> > things, but it is obviously silly to write a test suite on that basis.
>
> Excellent point. What ways of mitigating to we have?
>
> Can we construct a sandbox that only allows calling of functions that
> we specify (has Jason done this?).
>

Right, you cannot mechanically prove a negative assertion ("Nothing could
go wrong in this VM.").

However surely you could test *something*. In that huge test suite, there
is room for *some* kind of basic testing. To at least cover the easy stuff.

That is an additional goal of this project: codify some ways to test out a
sandbox, to assess how confident you can feel about it--to compare one
runtime against another, directly.


-- 
Iris Couch

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message