How to allow users to execute code on my SaaS product server-side?
As the title states, I'd like to allow my users to execute arbitrary code they write on our servers. Obviously, this has major security implications.
What would be the best approach as far as containerizing + sandboxing the execution runtime, such that they can execute code from various languages like Python, Node.js, etc. without something "escaping" into our EC2 instances for instance (pun intended)
Obviously, this has been done (many times) before, so I'm curious if any of you have experience with this sort of thing and the best implementation. Are there any libraries, frameworks, etc. out there already for something like this?
6 comments
[ 0.17 ms ] story [ 27.3 ms ] threadNevertheless, if you do need to do so, why not look into using FreeBSD with jails, etc? Alternatively you could spin-up a hosted VM on their behalf and have them use that. But anybody who can program could probably do that for themselves, thus my API suggestion as above.
1. Run code in docker container.
2. Within container run code as unprivileged user.
3. SELinux harden container.
4. Don’t run container as admin if you don’t have to.
5 Specify CPU and memory allowance per container. Run container for make T time.
6. Use a queue to govern how containers are spun up.
7. Don’t reuse containers.
8. Dependent on language, configure compiler/interpreter to disallow risky features.