Description
objectos/packages/automation/src/actions.ts
Line 254 in 7787a8b
```ts
// - Proper sandboxing (e.g., vm2, isolated-vm)
```
Hi!
Was just searching GitHub for projects that use vm2. What you're building seems interesting: an entire platform / OS to build stuff on top of, or at least that's how I understand it.
Anyway, about vm2: I would strongly suggest putting it in Docker, as vm2 isn't actually secure, although it would lose a lot of performance, cold start and add DevOps overhead.
I'm reaching out because I had a similar problem: vm2 seemed great, but you can literally invoke any code on the host; it's super easy to bypass the sandbox. I tried isolated-vm and quickjs-emscripten and highly recommend the second one, although you cannot pass anything that doesn't resolve into a primitive, e.g. you can't pass a fetch or some class instance.
I recently developed a secure vm2 alternative, very lightweight. I'm looking for beta testers and will publish it as open source soon.
Let me know if you're interested.