Open
Description
What feature do you want to see added?
We are currently designing a Groovy sandbox that utilizes some of groovy-sandbox's capabilities to assist in restricting user execution of RCE commands. However, when users execute malicious code that may cause ReDoS, the sandbox seems to have no restrictions, such as:
def a='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!'==~/ (.*a){10000}/
We would greatly appreciate it if the groovy-sandbox official could restrict the execution of the code with ReDoS issues mentioned above in the sandbox.
Upstream changes
No response
Are you interested in contributing this feature?
No response
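One way a host application can bound regex run time for input it matches on a script's behalf, shown as an added example that is not part of the original issue and is not groovy-sandbox code. `RegexTimeoutException`, `DeadlineCharSequence` and `matchesWithin` are hypothetical names, and the sketch assumes the host controls the point where the match is invoked.

```groovy
import java.util.regex.Pattern

class RegexTimeoutException extends RuntimeException {
    RegexTimeoutException(String message) { super(message) }
}

// Wraps the match input. java.util.regex reads its input through charAt(),
// so a backtracking match passes through the deadline check at every step.
class DeadlineCharSequence implements CharSequence {
    private final CharSequence inner
    private final long deadlineNanos

    DeadlineCharSequence(CharSequence inner, long deadlineNanos) {
        this.inner = inner
        this.deadlineNanos = deadlineNanos
    }

    char charAt(int index) {
        // Overflow-safe comparison of nanoTime values.
        if (System.nanoTime() - deadlineNanos > 0) {
            throw new RegexTimeoutException('regex match exceeded its time budget')
        }
        return inner.charAt(index)
    }

    int length() { return inner.length() }

    CharSequence subSequence(int start, int end) {
        return new DeadlineCharSequence(inner.subSequence(start, end), deadlineNanos)
    }

    String toString() { return inner.toString() }
}

// Hypothetical helper: full match (the semantics of ==~) under a time budget.
boolean matchesWithin(String regex, CharSequence input, long budgetMillis) {
    long deadline = System.nanoTime() + budgetMillis * 1_000_000L
    return Pattern.compile(regex).matcher(new DeadlineCharSequence(input, deadline)).matches()
}

// Constructed input: 33 'a' characters followed by '!'.
String input = 'a' * 33 + '!'
try {
    boolean matched = matchesWithin('(.*a){10000}', input, 200)
    println "matched: ${matched}"
} catch (RegexTimeoutException e) {
    println "rejected: ${e.message}"
}
```

The budget only applies to matches routed through the helper; a `==~` written directly in untrusted script code still has to be redirected to it or run under a separate execution time limit.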