Nashorn/jjs security: executing a user's script on server side

513 views Asked by At

I'm writing an application where the user can provide a custom javascript function to filter a file on the server side using nashorn/jjs:

cat /etc/js/library.js user.js > tmp.js && 
cat /path/to/input.txt | jjs --language=es6 -doe -J-Djava.security.manager tmp.js > /path/to/output.txt &&
rm tmp.js

I know that the user could write an infinite loop to fill my disk:

for(;;) print("#####);

But is -J-Djava.security.manager sufficient to prevent him to read/write a file on the filesystem ?

Thanks.

1

There are 1 answers

2
A. Sundararajan On BEST ANSWER

You're right. Once you set java security manager, your scripts are "sandboxed". Unless you write explicit security policy where you grant specific permissions to specific scripts, only sandbox permissions are given to scripts. You can safely run unsecure scripts. To grant specific permissions to specific scripts, you need to load script from trusted URLs and use those URLs in security policy:

See also: https://wiki.openjdk.java.net/display/Nashorn/Nashorn+script+security+permissions