TNT-Flo/sandbox-web-ide
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

firejail

Browse Source
This commit is contained in:
Ishaan Dey 2024-05-24 01:28:50 -07:00
parent 30e1c39d6c
commit 2abc9d4a4c
4 changed files with 19 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
backend/server/dockerfile
View File

@ -2,8 +2,8 @@ FROM node:20
# Security: Drop all capabilities # Security: Drop all capabilities
USER root USER root
RUN apt-get update && apt-get install -y libcap2-bin RUN apt-get update && apt-get install -y libcap2-bin && \
RUN setcap cap_net_bind_service=+ep /usr/local/bin/node setcap cap_net_bind_service=+ep /usr/local/bin/node
WORKDIR /code WORKDIR /code
@ -15,14 +15,19 @@ COPY . .
RUN npm run build RUN npm run build
# Security: Create non-root user and assign ownership RUN useradd -m sboxuser
RUN useradd -m myuser RUN mkdir projects && chown -R sboxuser:sboxuser projects
RUN mkdir projects && chown -R myuser:myuser projects
USER myuser
# user namespace mapping # todo user namespace mapping
EXPOSE 3000 RUN apt-get install -y firejail
RUN echo '#!/bin/bash\nexec firejail --private=/projects --noprofile node dist/index.js' > /start.sh
RUN chmod +x /start.sh
USER sboxuser
EXPOSE 8000
EXPOSE 4000 EXPOSE 4000
CMD [ "node", "dist/index.js" ] CMD ["/start.sh"]

2
backend/server/src/index.ts
View File

@ -342,8 +342,8 @@ io.on("connection", async (socket) => {
const onExit = pty.onExit((code) => console.log("exit :(", code)); const onExit = pty.onExit((code) => console.log("exit :(", code));
pty.write("export PS1='\\u > '\r");
pty.write("clear\r"); pty.write("clear\r");
pty.write("export PS1='> '\r");
terminals[id] = { terminals[id] = {
terminal: pty, terminal: pty,

2
backend/storage/src/startercode.ts
View File

@ -56,7 +56,7 @@ import react from '@vitejs/plugin-react'
export default defineConfig({ export default defineConfig({
plugins: [react()], plugins: [react()],
server: { server: {
port: 3000, port: 8000,
}, },
}) })
`, `,

6
frontend/components/editor/preview/index.tsx
View File

@ -34,7 +34,7 @@ export default function PreviewWindow({
<div className="text-xs"> <div className="text-xs">
Preview Preview
<span className="inline-block ml-2 items-center font-mono text-muted-foreground"> <span className="inline-block ml-2 items-center font-mono text-muted-foreground">
localhost:3000 localhost:8000
</span> </span>
</div> </div>
<div className="flex space-x-1 translate-x-1"> <div className="flex space-x-1 translate-x-1">
@ -51,7 +51,7 @@ export default function PreviewWindow({
<PreviewButton <PreviewButton
onClick={() => { onClick={() => {
navigator.clipboard.writeText(`http://${ip}:3000`); navigator.clipboard.writeText(`http://${ip}:8000`);
toast.info("Copied preview link to clipboard"); toast.info("Copied preview link to clipboard");
}} }}
> >
@ -77,7 +77,7 @@ export default function PreviewWindow({
ref={ref} ref={ref}
width={"100%"} width={"100%"}
height={"100%"} height={"100%"}
src={`http://${ip}:3000`} src={`http://${ip}:8000`}
/> />
</div> </div>
)} )}