
Execution Model

Open bluejekyll opened this issue 4 years ago • 14 comments

What should the execution model for supervised processes be?

Some minimal features

  • All environment variables are white-list only, with some default set that is always passed on, list TBD.
  • We need a common platform sandboxing technique: chroot would be a minimum, with Linux cgroups, BSD jails, macOS sandboxes and Windows Containers being a good target.
    • will we want to allow for any configuration of this?
    • should we support something like apparmor (is there an equivalent on Windows and macOS?)
  • Common management strategies for auto restart, capture of stdout and stderr for logs, etc. would all be MVP requirements.

What is the process model we should follow? To answer this question, let's see what we want to be true:

  1. It should not be possible for a child process to gain access to a parent process
  2. A parent process should not be able to do more than start, restart, or shutdown the child (i.e. it shouldn't have any way to access the child's memory)

bluejekyll, Nov 15 '19 22:11
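An added illustration, not vermilionrc code, of the env allow-list plus the restart and stdout/stderr-capture requirements from the post above, in Rust (the project's language). The default allowed set, the `max_restarts` bound and the `/bin/sh` child are assumptions; the sandboxing step (chroot, cgroups, etc.) is out of scope here.

```rust
use std::collections::HashMap;
use std::process::{Command, Stdio};

// Variables always passed on. Constructed default set; the issue leaves the real list TBD.
const DEFAULT_ALLOWED: &[&str] = &["PATH", "HOME", "LANG", "TZ"];

/// Reduce the parent environment to the allow-list (defaults plus per-service extras).
/// Anything not listed, e.g. a stray secret in the supervisor's env, never reaches the child.
pub fn whitelist_env(parent: &HashMap<String, String>, extra: &[&str]) -> Vec<(String, String)> {
    let mut out: Vec<(String, String)> = parent
        .iter()
        .filter(|(k, _)| DEFAULT_ALLOWED.contains(&k.as_str()) || extra.contains(&k.as_str()))
        .map(|(k, v)| (k.clone(), v.clone()))
        .collect();
    out.sort(); // deterministic order makes the child's env easy to log and diff
    out
}

/// Child gets a cleared env, only allow-listed vars, no stdin, and piped stdout/stderr for logs.
pub fn build_command(program: &str, args: &[&str], env: &[(String, String)]) -> Command {
    let mut cmd = Command::new(program);
    cmd.args(args)
        .env_clear()
        .envs(env.iter().map(|(k, v)| (k.as_str(), v.as_str())))
        .stdin(Stdio::null())
        .stdout(Stdio::piped())
        .stderr(Stdio::piped());
    cmd
}

/// Run the child; on non-zero exit restart it up to `max_restarts` times (assumed policy).
/// Returns (attempts made, whether the last run exited successfully).
pub fn supervise(mut cmd: Command, max_restarts: u32) -> std::io::Result<(u32, bool)> {
    let mut attempts = 0;
    loop {
        attempts += 1;
        let out = cmd.output()?; // waits for exit, collecting both streams for the log
        eprintln!("[attempt {attempts}] stdout: {}", String::from_utf8_lossy(&out.stdout).trim_end());
        eprintln!("[attempt {attempts}] stderr: {}", String::from_utf8_lossy(&out.stderr).trim_end());
        if out.status.success() || attempts > max_restarts {
            return Ok((attempts, out.status.success()));
        }
    }
}

fn main() -> std::io::Result<()> {
    let parent: HashMap<String, String> = std::env::vars().collect();
    let env = whitelist_env(&parent, &["RUST_LOG"]);
    let (attempts, ok) = supervise(build_command("/bin/sh", &["-c", "env | sort"], &env), 2)?;
    println!("child exited ok={ok} after {attempts} attempt(s)");
    Ok(())
}
```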