Hi everyone, I’m developing a project where I will allow users to dynamically edit and execute code. I was wondering if there is any way to limit what the user can do and access. Something like livebook do.
At the moment, the basic implementation I’m using is this:
For example, I don’t want users to have access to my application’s modules as Ecto. I need a way to limit the user’s environment and allow him to install dependencies and use only the library installed by him.
I don’t believe Code has utilities for running things in a sandbox.
I’m not an expert in this, but I believe the best practice for these sorts of things is to run the code in a fully sandboxed environment, e.g. a container that you can spin up explicitly for this purpose that is configured with limited resources, no Internet connection, etc.
If you need only templating, I would strongly recommend using a templating engine (like mustache), as code generation at runtime is dangerous (access to the system is not the only danger) , there are few other solutions if you need code though:
using a sandboxed environment like luerl, of course the scripts have to be written in lua, this is fully safe and you have full control over the sandbox;
if you want specifically to write only elixir, there is Dune, in this case you will lose a part of the language functionality and it is not fully secure, I would avoid using this if your system is exposed to the internet to be accessed by random users, as there might be ways to ddos the system;.
A ideia é construir algo como o Livebook, para gerar fluxos de trabalho para rodar dentro da empresa, mas a ideia principal é transformar isso em um projeto OpenSource.
Seria uma alternativa ao Zapier, n8n, node-red.