couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filippo Fadda <filippo.fa...@programmazione.it>
Subject Re: Elixir Sandbox
Date Wed, 16 Oct 2013 20:54:46 GMT
Sandboxing is something optional I think, you need only when you are developing a CouchApp,
when you do all in JavaScript, using the _users database and running the app inside CouchDB.
But if you are just using CouchDB like a database, developing a web app using PHP or Python,
for example, you'll never give access to CouchDB from outside, through Futon for example,
so no one will be able to store a new design doc in your database to run malicious code. I'm
using PHP with the ElephantOnCouch Query Server, writing ddoc in PHP, and I really don't see
why I should using runkit to sandboxing the Query Server.

-Filippo

On Oct 16, 2013, at 10:27 PM, Jan Lehnardt wrote:

> Another option would be to start with treating the Elexir Query Server
> like the Erlang Query Server and keep it off by default and with full
> access to the internals, so people could opt into it, if their environment
> allows for it.
> 
> Sandboxing could be a step on top or later.
> 
> I for one would like to see native Elexir support for Views et.al in CouchDB :)
> 
> Best
> Jan
> --
> 
> On Oct 16, 2013, at 20:48 , Paul Davis <paul.joseph.davis@gmail.com> wrote:
> 
>> There have been discussions on figuring out how to sandbox Erlang. The
>> biggest thing on that front was that we'd want it to be a whitelist as
>> opposed to a blacklist of modules and/or module/function pairs. The
>> second is that with dynamic invocation its not immediately apparent if
>> that's entirely possible to do.
>> 
>> On Wed, Oct 16, 2013 at 10:39 AM, Chris Keele <email@chriskeele.com> wrote:
>>> Hey everyone! I'm trying to develop a sandbox for Elixir, and I wanted to see
how such a library might prove useful to the CouchDB dev community.
>>> 
>>> My initial goal is just to be able to run string of code in a predefined environment
with configurable modules disabled, returning all output. But I'd like to design it for bigger
things from the ground up, so I was wondering what sorts of requirements you might have of
a sandbox library if you wanted to, say, implement a secure view processor.
>>> 
>>> I've started a discussion thread here: https://groups.google.com/forum/#!topic/elixir-lang-talk/wA1l74HCZmI,
but I'm particularly interested in your opinions!
>>> --
>>> Chris Keele
>>> 
> 


Mime
View raw message