Tim Starling wrote:
I think Rhino would be an easier path to JavaScript execution than SpiderMonkey.
You can pass an -Xmx option to the java VM, and it'll
throw an OutOfMemory exception when it hits that limit, allowing you
to implement per-snippet memory limits without killing the
interpreter. You could do wall-clock time limits using
java.util.Timer, or CPU time limits using a JNI hack to poll clock().
You could turn off LiveConnect by making your own ClassShutter,
leaving what (on initial impressions) is a reasonably secure sandbox.
Freebase is apparently doing their server-side JS work with Rhino and
have actually modified their JVM to handle some of the resource limiting.
Running scripts in the Java VM has the advantage that you don't have
to rely on the security of the collection of amateurish C code that is
PHP. Remember those PCRE crash bugs that went unfixed for years,
before someone finally demonstrated elevation to arbitrary execution?
*shudder*
-- brion
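A sketch of the Rhino sandbox Tim describes (a ClassShutter that turns off LiveConnect, plus a per-snippet wall-clock limit), added here as an example and not code from either poster or from Freebase. It assumes Rhino 1.7's ContextFactory API and a 2-second limit, and polls the clock from Rhino's instruction-count observer rather than from java.util.Timer.

```java
import org.mozilla.javascript.*;

// Added example: a Rhino sandbox with no Java class access and a wall-clock limit.
public class RhinoSandbox {
    // Context subclass that remembers when the current top-level call started.
    static class TimedContext extends Context {
        long startTime;
        TimedContext(ContextFactory f) { super(f); }
    }

    static class SandboxFactory extends ContextFactory {
        static final long MAX_MILLIS = 2000; // assumed per-snippet limit

        @Override protected Context makeContext() {
            TimedContext cx = new TimedContext(this);
            cx.setOptimizationLevel(-1);               // interpreted mode is required for instruction counting
            cx.setInstructionObserverThreshold(10000); // observer runs every 10k bytecode instructions
            cx.setClassShutter(className -> false);    // no Java class is visible to scripts (LiveConnect off)
            return cx;
        }

        @Override protected void observeInstructionCount(Context cx, int count) {
            TimedContext tc = (TimedContext) cx;
            if (System.currentTimeMillis() - tc.startTime > MAX_MILLIS) {
                // Throw an Error, not a RuntimeException: script-level try/catch cannot swallow it.
                throw new Error("script exceeded time limit");
            }
        }

        @Override protected Object doTopCall(Callable callable, Context cx, Scriptable scope,
                                             Scriptable thisObj, Object[] args) {
            ((TimedContext) cx).startTime = System.currentTimeMillis();
            return super.doTopCall(callable, cx, scope, thisObj, args);
        }
    }

    // Evaluates one snippet inside the sandbox and returns its result.
    public static Object run(String source) {
        Context cx = new SandboxFactory().enterContext();
        try {
            Scriptable scope = cx.initStandardObjects();
            return cx.evaluateString(scope, source, "snippet", 1, null);
        } finally {
            Context.exit();
        }
    }

    public static void main(String[] args) {
        System.out.println(run("[1,2,3].map(function(x){return x*2}).join(',')")); // 2,4,6
        try { run("java.lang.System.exit(1)"); } catch (RuntimeException e) { System.out.println("blocked: " + e); }
        try { run("while(true){}"); } catch (Error e) { System.out.println("stopped: " + e); }
    }
}
```

Memory is still bounded only by the whole JVM's -Xmx, so the OutOfMemoryError from an over-allocating snippet must be caught at the same level as the time-limit Error.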