On 23.12.2011 18:30, Jay Ashworth wrote:
This is a really critical point: if you're going to provide an interpreted language to end-users from within a program that is, itself, written in an interpreted language, *you cannot use the underlying interpreter* to run the end-users' programs, unless that interpreter has sandboxing built-in. If you try, you will almost certainly be exposing yourself to critical security vulnerabilities. You're almost *better* off picking a different language, so that you're not tempted to try. Cheers, -- jra
I remember that PHP had some outdated and unmaintained sandboxing PECL module, however it's unmaintained for a long time. http://php.net/manual/en/runkit.sandbox.php Dmitriy