sandbox

How can you run Javascript using Rhino for Java in a sandbox?

醉酒当歌 提交于 2019-11-26 18:54:35
问题 Part of our java application needs to run javascript that is written by non-developers. These non-developers are using javascript for data formatting. (Simple logic and string concatenation mostly). My question is how can I setup the execution of these scripts to make sure scripting errors don't have a major negative impact on the rest of the application. Need to guard against infinite loops Guard against spawning new threads. Limit access to services and environment File system (Example: If

Is there a way to execute php code in a sandbox from within php

瘦欲@ 提交于 2019-11-26 16:33:36
问题 I want to execute a php-script from php that will use different constants and different versions of classes that are already defined. Is there a sandbox php_module where i could just: sandbox('script.php'); // run in a new php environment instead of include('script.php'); // run in the same environment Or is proc_open() the only option? PS: The script isn't accessible through the web, so fopen('http://host/script.php') is not an option. 回答1: There is runkit, but you may find it simpler to

The request was aborted: Could not create SSL/TLS secure channel sandbox account

强颜欢笑 提交于 2019-11-26 16:32:13
问题 It was working well before a week but now it shows following error. I have tried the following things but of no use. ServicePointManager.Expect100Continue = true; ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3; so suggest me with possible solution public string HttpCall(string NvpRequest) //CallNvpServer { string url = pendpointurl; //To Add the credentials from the profile string strPost = NvpRequest + "&" + buildCredentialsNVPString(); strPost = strPost + "&BUTTONSOURCE="

How to disable Sandbox Mode for app in new Facebook Developer?

假如想象 提交于 2019-11-26 15:52:46
问题 I can not see an option to disable that in the new Developers design! 回答1: Its seems they have moved this option to the "Status & Review" section. When accessing this section you will see this text: Do you want to make this app and all its live features available to the general public? And a button where you can change it to "Yes" or "No". 回答2: before go to the "Status & Review" option, first you need to go to settings option and add "Contact Email", then go to "Status & Review" When

How do I create a Java sandbox?

喜欢而已 提交于 2019-11-26 15:52:26
I want to make my application to run other people's code, aka plugins. However, what options do I have to make this secure so they don't write malicious code. How do I control what they can or can not do? I have stumbled around that JVM has a "built in sandbox" feature - what is it and is this the only way? Are there third-party Java libraries for making a sandbox? What options do I have? Links to guides and examples is appreciated! tangens You are looking for a security manager . You can restrict the permissions of an application by specifying a policy . Dafydd Rees Defining and registering

Please login to use the PayPal sandbox feature

时光怂恿深爱的人放手 提交于 2019-11-26 14:36:25
问题 With the recent revamp of the PayPal developer site, I have encountered many problems trying to test my site with PayPal integration. Issue 1: I am not able to check out from out site which it should bring me to sandbox.paypal.com, it return me the common error of "Please login to use the PayPal sandbox feature". I have confirmed that I am logged in to the developer site at developer.paypal.com. Issue 2: Under Applications > Sandbox accounts, in one of the account, I am redirected to the live

Secure way to run other people code (sandbox) on my server?

泪湿孤枕 提交于 2019-11-26 13:17:21
问题 I want to make a web service that run other people code locally... Naturally, I want to limit their code access to certain "sandbox" directory, and that they wont be able to connect to other parts of my server (DB, main webserver, etc) Whats the best way to do it? Run VMware/Virtualbox: (+) I guess it's as secure as it gets.. even if someone manage to "hack".. they only hack the guest machine (+) can limit the cpu & memory the process uses (+) easy to setup.. just create the VM (-) harder to

Sandboxing in Linux

穿精又带淫゛_ 提交于 2019-11-26 13:08:16
问题 I want to create a Web app which would allow the user to upload some C code, and see the results of its execution (the code would be compiled on the server). The users are untrusted, which obviously has some huge security implications. So I need to create some kind of sandbox for the apps. At the most basic level, I\'d like to restrict access to the file system to some specified directories. I cannot use chroot jails directly, since the web app is not running as a privileged user. I guess a

Instagram API doesn’t find any liked posts for sandbox users

旧巷老猫 提交于 2019-11-26 12:39:11
问题 I’m using the Instagram API in sandbox mode. I’m trying to access a User’s liked posts from the Instagram API using their authenticated access token. This user is one of the accepted sandbox users for my app, and has liked some posts. If I call other endpoints with the same token, I get some data, but accessing /users/self/media/liked returns empty data. I’m using this URL: https://api.instagram.com/v1/users/self/media/liked?access_token={verified access token} and this is the result I’m

Safely sandbox and execute user submitted JavaScript?

◇◆丶佛笑我妖孽 提交于 2019-11-26 12:11:14
问题 I would like to have the ability to let users submit arbitrary JavaScript code, which is then sent to a Node.JS server and safely executed before the output is sent back to multiple clients (as JSON). The eval function comes to mind, but I know this has multiple security concerns (the user submitted code would be able to access Node\'s File API, etc). I have seen some projects like Microsoft Web Sandbox and Google Caja which allow execution of sanitized markup and script (for embedding third
订阅 sandbox