Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/thieman/sandbox-in-docker

Free your sandbox using Docker
https://github.com/thieman/sandbox-in-docker

Last synced: 7 days ago
JSON representation

Free your sandbox using Docker

Host: GitHub
URL: https://github.com/thieman/sandbox-in-docker
Owner: thieman
License: epl-1.0
Created: 2014-01-26T19:14:44.000Z (almost 11 years ago)
Default Branch: master
Last Pushed: 2014-01-27T02:05:19.000Z (almost 11 years ago)
Last Synced: 2024-04-14T19:16:45.321Z (7 months ago)
Language: Clojure
Size: 3.62 MB
Stars: 6
Watchers: 3
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Free your Sandbox using Docker

Run an unrestricted Clojure sandbox using Docker. Runs absolutely any code you throw at it over HTTP, prevents malicious users from doing anything to your system or network, and restarts its workers if they're killed. Why sandbox when you can Docker?

## Deploying

Try it out for yourself using [Docker](http://www.docker.io/)!

```
git clone [email protected]:thieman/sandbox-in-docker
sandbox-in-docker/start_sandbox # see this script for the full Docker commands
```

## Architecture

The sandbox is deployed with Docker. The main sandbox instance is referred to as the "master" and is responsible for providing the HTTP endpoint to accept and respond to incoming evaluation requests. This runs on top of your actual machine, the "host."

The sandbox executes any Clojure code you throw at it with no restrictions at all. To allow this with a modicum of sanity, the master spins off child Docker containers to execute the Clojure code. These containers are modeled off of [Docker in Docker](https://github.com/jpetazzo/dind) and are fully expendable. They are cut off from the Internet and are only allowed to communicate on port 8080, which they use to talk to the master container using [ZeroMQ](https://github.com/lynaghk/zmq-async). If anything causes an executor to time out when executing Clojure code, the master will kill it and spin up a new container to replace it.

## TODO and/or Glaring Flaws

This project is a proof of concept and has some serious flaws. Here's just a few:

* Currently, there is actually only one exec process in the pool.
* All users are talking to the same underlying Clojure environment, meaning they can mess with each other's namespaces. This also means that the entire environment is lost if some smartass runs `(system/exit 0)`.
* The master will restart an executor if it does not return after 10 seconds. However, this does not prevent someone from having some sort of infinite loop fire after X seconds. We should have CPU/RAM monitoring on the executors and restart them if they're acting up.
* There are no measures in place to blacklist malicious actors.

## License

Distributed under the Eclipse Public License either version 1.0 or (at
your option) any later version.