Running v8 itself as a sandbox is non-trivial, at least embedded in a Python or Node.js or similar application.
The web is littered with libraries that half do that and then have a note in the README that says "do not rely on this as a secure sandbox".
... whoa, I don't know how I missed it but I hadn't seen STPyV8 before.
I'd seen PyV8 and ruled it out as very unmaintained.
One of my requirements for a sandbox is that it needs to me maintained by a team of professionals who are running a multi-million dollar business on it. Cloudflare certainly count! I wonder what they use STPyV8 for themselves?
... on closer inspection it doesn't seem to have the feature I care most about: the ability to constrain memory usage (see comment here https://github.com/cloudflare/stpyv8/blob/57e881c7fbe178c598...) - and there's no built-in support for time limits either, you have to cancel tasks from a separate thread: https://github.com/cloudflare/stpyv8/issues/112
PythonMonkey looks promising too: the documentation says "MVP as of September 2024" so clearly it's intended to be stable for production use at this point.
I’m sure you are aware the sandbox that requires maintaining is v8 itself. Of course there are ways for the wrapper to break the sandbox by providing too much in thr global context, but short of that, which the application code could easily do as well, I don’t see why a wrapper should require significant resources to maintain beyond consuming regular updates from upstream. Is there some other reason you hold such a high bar for what is basically just python glue code for the underlying v8 embed api?
None of those v8 solutions provide what I need:
1. The ability to restrict the amount of memory that the sandboxed code can use
2. The ability to set a reliable time limit on execution after which the code will be terminated
My third requirement is that a company with real money on the line and a professional security team is actively maintaining the library. I don't want to be the first person to find out about any exploits!
Is it though? I have not personally used these libraries, but a cursory google search reveals several options: - cloudflare/STPyV8: [0] From cloudflare, intended for executing untrusted code. - Pythonmonkey: [1] Embeds spidermonkey. Not clearly security focused, but sandboxing untrusted code is literally the point of browser js engines.
It's a little less clear how you would do this from node, but the v8 embedding instructions should work https://v8.dev/docs/embed even if nodejs is already a copy of v8.
[0]: https://github.com/cloudflare/stpyv8 [1]: https://docs.pythonmonkey.io