如何在沙盒中使用Rhino for Java运行Javascript? [英] How can you run Javascript using Rhino for Java in a sandbox?
问题描述
我们的部分Java应用程序需要运行由非开发人员编写的javascript。这些非开发人员使用javascript进行数据格式化。 (主要是简单的逻辑和字符串连接)。
Part of our java application needs to run javascript that is written by non-developers. These non-developers are using javascript for data formatting. (Simple logic and string concatenation mostly).
我的问题是如何设置这些脚本的执行以确保脚本错误不会对主要负面影响应用程序的其余部分。
My question is how can I setup the execution of these scripts to make sure scripting errors don't have a major negative impact on the rest of the application.
- 需要防范无限循环
- 防止产生新线程。
- 限制对服务和环境的访问
- 文件系统(示例:如果不满的脚本编写者决定删除文件)
- 数据库(同样删除数据库记录)
- Need to guard against infinite loops
- Guard against spawning new threads.
- Limit access to services and environment
- File system (Example: If a disgruntled script writer decided to delete files)
- Database (Same thing delete database records)
基本上我需要设置javascript范围,只包括他们需要的内容,而不是更多。
Basically I need to setup the javascript scope to only include exactly what they need and no more.
推荐答案
要警惕对于无限循环,你需要将它放在一个单独的进程中以便它可以被杀死。
To guard against infinite loops, you'd need to put it in a separate process so that it could be killed.
为了防止创建线程,你需要扩展SecurityManager (默认实现允许不受信任的代码访问非根线程组)。
To guard against creating threads, you'd need to extend SecurityManager (the default implementation allows untrusted code to access non-root thread groups).
Java安全性允许您阻止访问文件系统。
Java security does allow you to prevent access to the file system.
对于数据库限制,您可能可以使用标准SQL用户安全性,但这非常弱。否则,您需要提供一个强制执行限制的API。
For database restrictions, you might be able to use the standard SQL user security, but that is quite weak. Otherwise, you need to provide an API that enforces your restrictions.
编辑:我应该指出,随JDK6提供的Rhino版本已经完成了安全工作,但不包括编译器。
I should point out that the version of Rhino provided with JDK6 has had security work done on it, but doesn't include the compiler.
这篇关于如何在沙盒中使用Rhino for Java运行Javascript?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
