(core) updates from grist-core

Dockerfile

@@ -94,6 +94,14 @@ ADD plugins plugins
 # started as:
 #   docker run -p 8484:8484 -it <image>
 # Variables will need to be overridden for other setups.
+#
+# GRIST_SANDBOX_FLAVOR is set to unsandboxed by default, because it
+# appears that the services people use to run docker containers have
+# a wide variety of security settings and the functionality needed for
+# sandboxing may not be possible in every case. For default docker
+# settings, you can get sandboxing as follows:
+#   docker run --env GRIST_SANDBOX_FLAVOR=gvisor -p 8484:8484 -it <image>
+#
 ENV \
   PYTHON_VERSION_ON_CREATION=3 \
   GRIST_ORG_IN_PATH=true \
@@ -104,7 +112,7 @@ ENV \
   GRIST_INST_DIR=/persist \
   GRIST_SESSION_COOKIE=grist_core \
   GVISOR_FLAGS="-unprivileged -ignore-cgroups" \
-  GRIST_SANDBOX_FLAVOR=gvisor \
+  GRIST_SANDBOX_FLAVOR=unsandboxed \
   TYPEORM_DATABASE=/persist/home.sqlite3
 
 EXPOSE 8484

README.md

@@ -50,6 +50,11 @@ Here are some specific feature highlights of Grist:
     - Control access based on cell values and user attributes.
   * Can be self-maintained.
     - Useful for intranet operation and specific compliance requirements.
+  * Sandboxing options for untrusted documents.
+    - On Linux or with docker, you can enable
+	  [gVisor](https://github.com/google/gvisor) sandboxing at the individual
+	  document level.
+    - On OSX, you can use native sandboxing.
 
 If you are curious about where Grist is going heading,
 see [our roadmap](https://github.com/gristlabs/grist-core/projects/1), drop a
@@ -62,7 +67,7 @@ There are docker images set up for individual use, or (with some
 configuration) for self-hosting. Grist Labs offers a hosted service
 at [docs.getgrist.com](https://docs.getgrist.com).
 
-To run Grist running on your computer with [Docker](https://www.docker.com/get-started), do:
+To get Grist running on your computer with [Docker](https://www.docker.com/get-started), do:
 
 ```sh
 docker pull gristlabs/grist
@@ -88,6 +93,10 @@ port mapping:
 docker run --env PORT=9999 -p 9999:9999 -v $PWD/persist:/persist -it gristlabs/grist
 ```
 
+To enable gVisor sandboxing, set `--env GRIST_SANDBOX_FLAVOR=gvisor`.
+This should work with default docker settings, but may not work in all
+environments.
+
 ## Building from source
 
 To build Grist from source, follow these steps:
@@ -98,6 +107,19 @@ To build Grist from source, follow these steps:
     yarn start
     # Grist will be available at http://localhost:8484/
 
+Grist formulas in documents will be run using Python executed directly on your
+machine. You can configure sandboxing using a `GRIST_SANDBOX_FLAVOR`
+environment variable.
+
+ * On OSX, `export GRIST_SANDBOX_FLAVOR=macSandboxExec`
+   uses the native `sandbox-exec` command for sandboxing.
+ * On Linux with [gVisor's runsc](https://github.com/google/gvisor)
+   installed, `export GRIST_SANDBOX_FLAVOR=gvisor` is an option.
+
+These sandboxing methods have been written for our own use at Grist Labs and
+may need tweaking to work in your own environment - pull requests
+very welcome here!
+
 ## Logins
 
 Like git, Grist has features to track document revision history. So for full operation,

package.json

@@ -1,6 +1,6 @@
 {
   "name": "grist-core",
-  "version": "0.7.7",
+  "version": "0.7.8",
   "license": "Apache-2.0",
   "description": "Grist is the evolution of spreadsheets",
   "homepage": "https://github.com/gristlabs/grist-core",