incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benoit Chesneau <bchesn...@gmail.com>
Subject Re: Branch to switch from SpiderMonkey to Node.js
Date Mon, 04 Feb 2013 10:18:53 GMT
On Sun, Feb 3, 2013 at 4:44 PM, Klaus Trainer <klaus_trainer@posteo.de>wrote:

> On Thu, 2013-01-31 at 14:46 +0000, Jason Smith wrote:
> >
> > The word "sandbox" is vague. There is no clear definition. (There is a
> > mundane historical reason for that: the "sandbox" was whatever the C
> > program did.)
>
> Good point. For instance, even if you're executing JavaScript within
> plain Spidermonkeys, people might still be able to issue
> denial-of-service attacks against your system. Or side channel attacks.
>


DOS has nothing with sandboxing or maybe in a large extent here. Sandboxing
in couchjs is about:

1. restrict I/O : no disk or net access from a view
2. make sure that a view function won't leek to another

- benoƮt

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message