Untrusted environment: Difference between revisions

Added Wren
setuid(9); # if 9 is the userid of a non-root user
rm /etc/hosts # actually points to ~/jail/etc/hosts</lang>
 
=={{header|Wren}}==
Wren code is effectively sandboxed by its VM and is limited in what it can do, so it is pretty safe in itself.
 
However, Wren has no way of telling whether any input comes from an untrusted source. When it is embedded, input can only arrive via the host application, which is therefore responsible for checking its authenticity.
 
A possible vulnerability is that Wren modules are always imported as source code rather than in binary form, and there is no 'signing' mechanism. It would therefore be possible for someone to replace a 'bona fide' module with a malicious one without either Wren's VM or the host application realizing this had been done.
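Since the VM cannot detect a swapped module, the host has to check each module's source before handing it over. The following is an added example, not part of the original entry or of Wren itself: a Python model of that host-side check, where a real host would do the same inside its module-loading callback. The names <code>PinnedModuleLoader</code>, <code>ModuleRejected</code> and <code>digest</code>, the <code>.wren</code> file layout and the sample module are assumptions made for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

class ModuleRejected(Exception):
    """Raised when a module is not pinned or its source does not match its pin."""

def digest(source):
    """SHA-256 of the module source bytes, as lowercase hex."""
    return hashlib.sha256(source).hexdigest()

class PinnedModuleLoader:
    """Hypothetical stand-in for the host callback that supplies module source."""

    def __init__(self, module_dir, pins):
        self.module_dir = Path(module_dir)
        self.pins = pins  # module name -> expected SHA-256 hex digest

    def load(self, name):
        expected = self.pins.get(name)
        if expected is None:
            # Unpinned names, including path tricks like "../x", never reach the disk.
            raise ModuleRejected(f"module {name!r} is not pinned")
        source = (self.module_dir / f"{name}.wren").read_bytes()
        if not hmac.compare_digest(digest(source), expected):
            raise ModuleRejected(f"module {name!r} does not match its pin")
        # Hand over the exact bytes that were hashed; never re-read the file.
        return source.decode("utf-8")

def demo():
    """Load a pinned module, then show a replaced file being refused."""
    good = b'class Greeter {\n  static hello() { "hello" }\n}\n'  # constructed sample
    events = []
    with tempfile.TemporaryDirectory() as tmp:
        path = Path(tmp) / "greeter.wren"
        path.write_bytes(good)
        # In practice the pins ship with the host binary, not beside the modules.
        loader = PinnedModuleLoader(tmp, {"greeter": digest(good)})
        events.append("loaded" if loader.load("greeter") else "empty")
        path.write_bytes(good + b'System.print("replaced")\n')  # module swapped on disk
        try:
            loader.load("greeter")
            events.append("loaded")
        except ModuleRejected:
            events.append("rejected")
    return events

if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the pin list, so the digests have to live somewhere an attacker who can rewrite the module directory cannot also rewrite.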
 
=={{header|zkl}}==