Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sandbox Untrusted Code? #684

Open
Aurailus opened this issue May 16, 2021 · 2 comments
Open

Sandbox Untrusted Code? #684

Aurailus opened this issue May 16, 2021 · 2 comments

Comments

@Aurailus
Copy link

Hello!
I'm a game developer and I'm considering using dyon in my current project. I was wondering if it has the ability to sandbox untrusted code, as I'd like to have user-created scripts running on clients, and it would obviously be an issue if those scripts could maliciously affect clients.
Thank you in advance!
@bvssvni
Copy link
Member

bvssvni commented May 18, 2021

You can disable file, http and threading with Cargo features: https://github.com/PistonDevelopers/dyon/blob/master/Cargo.toml#L29

@Aurailus
Copy link
Author

Thanks for your reply! I guess what I'm really wondering is if it's possible to access the system maliciously with scripts running in Dyon. Like, can you manipulate raw memory? Spawn new processes. I've browsed the readme and it seems like sandbox support isn't a design goal but I wanted to check anyway, because this seems like a great language that I'd love to use in my project.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bvssvni @Aurailus