dnotebook
dnotebook copied to clipboard
Published
20 hours ago •
javascriptdata
javascriptdata
Secure vm process
Executing code with the Nodejs VM module has many known security vulnerabilities, and we need to address them before any major release.
This tool might help: https://github.com/patriksimek/vm2
See also: https://github.com/nodejs/node/issues/40718 https://pwnisher.gitlab.io/nodejs/sandbox/2019/02/21/sandboxing-nodejs-is-hard.html https://github.com/laverdet/isolated-vm
@risenW can i look into this? I'm really interested in a node related issue
