sci

Ingy döt Net 2024-12-02T20:33:10.258549Z

I need to learn more about users being able to limit the capabilities of my (graalvm native-image compiled) SCI app (yamlscript). Things like: • limiting disk read access to specific directories • disabling disk write entirely • disabling network access • disabling IPC entirely and likely much more. I know that's a bit broad but if anyone has relevant links to share links or advice to give about this, I'd appreciate it.

2024-12-02T22:01:03.701719Z

You can select and adapt the functions that go into Sci and control these side effects

2024-12-03T05:29:23.844869Z

Here is an example of selective reading (with slurp) https://github.com/alekcz/pcp#pcpslurp there is also one for spit

👍 1