Yeuoly
a0c74d335e
feat: prevent nodejs code injection (#140)
|
6 meses atrás | |
|---|---|---|
| .github | 11 meses atrás | |
| build | 1 ano atrás | |
| cmd | 1 ano atrás | |
| conf | 11 meses atrás | |
| dependencies | 1 ano atrás | |
| docker | 6 meses atrás | |
| internal | 6 meses atrás | |
| tests | 6 meses atrás | |
| .gitignore | 1 ano atrás | |
| FAQ.md | 1 ano atrás | |
| LICENSE | 1 ano atrás | |
| README.md | 1 ano atrás | |
| go.mod | 11 meses atrás | |
| go.sum | 11 meses atrás | |
| install.sh | 1 ano atrás | |
| workflow.png | 1 ano atrás |
README.md
Dify-Sandbox
Introduction
Dify-Sandbox offers a simple way to run untrusted code in a secure environment. It is designed to be used in a multi-tenant environment, where multiple users can submit code to be executed. The code is executed in a sandboxed environment, which restricts the resources and system calls that the code can access.
Use
Requirements
DifySandbox currently only supports Linux, as it's designed for docker containers. It requires the following dependencies:
- libseccomp
- pkg-config
- gcc
- golang 1.20.6
Steps
- Clone the repository using
git clone https://github.com/langgenius/dify-sandboxand navigate to the project directory. - Run ./install.sh to install the necessary dependencies.
- Run ./build/build_[amd64|arm64].sh to build the sandbox binary.
- Run ./main to start the server.
If you want to debug the server, firstly use build script to build the sandbox library binaries, then debug as you want with your IDE.
FAQ
Refer to the FAQ document
Workflow
