5

I'm making a nodejs project, and I want to be able to run user code safely using the vm module, but there's many vulnerabilities such as the constructor of every object/function to be used to eval js string. any way to secure it? Thanks!

I tried everything, but nothing works. I also don't want to use other packages. Thanks.

Improve this question
1
  • There are plenty of similar questions in this space. Though it may be very obvious to you (and to someone else after carefully reading your question), it would still be useful to others if you indicated clearly how your question differs from the others, or how their answers were insufficient for your question. Ex. 1, 2, 3, 4. That's one way you can demonstrate your on-site research effort. Commented Nov 1, 2022 at 18:14

1 Answer 1

Reset to default
1

There doesn't seem to be any built-in method to run untrusted code safely. I suppose if you could work with external libraries, there are a few solutions dedicated to this purpose like isolated-vm and vm2.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.