sandbox
core-api
cfunction
src/core/corelib.c on line 776, column 1
(sandbox & forbidden-capabilities)
Disable feature sets to prevent the interpreter from using certain
system resources. Once a feature is disabled, there is no way to
re-enable it. Capabilities can be:
* :all - disallow all (except IO to stdout, stderr, and stdin)
* :env - disallow reading and writing environment variables
* :ffi - disallow FFI (recommended if disabling anything else)
* :ffi-define - disallow loading new FFI modules and binding new functions
* :ffi-jit - disallow calling `ffi/jitfn`
* :ffi-use - disallow using any previously bound FFI functions and memory-unsafe functions
* :fs - disallow access to the file system
* :fs-read - disallow read access to the file system
* :fs-temp - disallow creating temporary files
* :fs-write - disallow write access to the file system
* :hrtime - disallow high-resolution timers
* :modules - disallow loading dynamic modules (natives)
* :net - disallow network access
* :net-connect - disallow making outbound network connections
* :net-listen - disallow accepting inbound network connections
* :sandbox - disallow calling this function
* :signal - disallow adding or removing signal handlers
* :subprocess - disallow running subprocesses
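As an added example (not part of the Janet documentation or source tree), a host script drops the capabilities untrusted code must not have and then evaluates a few constructed snippets to show which calls the sandbox now rejects; because the restriction is irreversible and applies to the whole interpreter, the host script is limited too, and `:ffi` is disabled first so a working FFI cannot be used to reach the same resources another way. The names `untrusted-snippets` and `try-eval` are chosen for this example.

```janet
# Added example, not from the Janet docs. Restrict the interpreter before
# evaluating code from an untrusted source, then report what is blocked.

# :ffi first (recommended whenever anything else is disabled), then the
# resources the untrusted code must not touch. :sandbox stops the untrusted
# code from revoking further capabilities and breaking the host.
(sandbox :ffi :subprocess :net :fs-write :env :sandbox)

# Constructed snippets standing in for untrusted input.
(def untrusted-snippets
  ["(os/shell \"id\")"            # subprocess
   "(spit \"/tmp/x\" \"data\")"   # file system write
   "(os/getenv \"HOME\")"         # environment read
   "(sandbox :all)"               # attempt to sandbox the host further
   "(+ 1 2)"])                    # pure computation, still allowed

(defn try-eval
  "Evaluate one snippet and report whether the sandbox blocked it.
   protect returns [true result] on success and [false error] on a panic."
  [src]
  (let [[ok? result] (protect (eval-string src))]
    (if ok?
      (printf "allowed: %s -> %q" src result)
      (printf "blocked: %s -> %s" src result))
    ok?))

# stdout is exempt even under :all, so reporting keeps working.
(each s untrusted-snippets (try-eval s))
```

Only the last snippet evaluates successfully; each of the others fails inside `protect` with a sandbox error rather than reaching the resource.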