Skip to content

Security model: sandboxing, import trust, and safe execution docs #150

Open
Open
Security model: sandboxing, import trust, and safe execution docs#150
Labels
documentationImprovements or additions to documentationpriority-mediumShould be addressedspecificationLanguage specification documents
Milestone
v1.0
@Mnehmos

Description

@Mnehmos
Mnehmos
opened on Mar 17, 2026

Problem

There is no defined security model for NLS. It is unclear what a .nl file can and cannot do at runtime, what trust boundaries exist for @use imports, or how to safely run untrusted .nl files.

Acceptance Criteria

  • docs/SECURITY.md defining: execution sandbox model, import trust levels, what system access .nl has
  • nlsc run --sandbox flag that restricts filesystem/network access if applicable
  • Import trust: stdlib vs user packages vs third-party have documented trust levels
  • Responsible disclosure policy

Why This Blocks v1.0

Production adoption requires knowing what you're trusting when you run a .nl file.

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentationpriority-mediumShould be addressedspecificationLanguage specification documents

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions