Part of our Java application needs to run JavaScript that is written by non-developers. These non-developers are using JavaScript for data formatting (simple logic and string concatenation, mostly).
My question is: how can I set up the execution of these scripts to make sure scripting errors don't have a major negative impact on the rest of the application?
Basically I need to set up the JavaScript scope to include only exactly what they need and no more.
To guard against infinite loops, you'd need to put it in a separate process so that it could be killed.
To guard against creating threads, you'd need to extend SecurityManager (the default implementation allows untrusted code to access non-root thread groups).
Java security does allow you to prevent access to the file system.
For database restrictions, you might be able to use the standard SQL user security, but that is quite weak. Otherwise, you need to provide an API that enforces your restrictions.
Edit: I should point out that the version of Rhino provided with JDK6 has had security work done on it, but doesn't include the compiler.
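As an added illustration of the answer's points (restricting the script's scope and cutting off runaway scripts), here is an example sandbox built on the standalone Mozilla Rhino jar (`org.mozilla.javascript`, not the copy bundled with JDK6). It is not code from the question or the answer. It assumes a Rhino release that has `ContextFactory.makeContext()`, `doTopCall()` and `observeInstructionCount()`; the class and method names in the example itself (`FormatterSandbox`, `format`, `BudgetedContext`) are invented for the illustration. The script sees only the sealed ECMAScript standard objects plus one `input` string; a `ClassShutter` hides every Java class, and an instruction budget aborts loops that never terminate.

```java
import org.mozilla.javascript.Callable;
import org.mozilla.javascript.ClassShutter;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.ContextFactory;
import org.mozilla.javascript.Scriptable;
import org.mozilla.javascript.ScriptableObject;

/**
 * Runs a non-developer formatting script in a restricted Rhino scope with an
 * instruction budget, so a runaway loop or an attempt to reach Java classes
 * fails the script rather than the host application. (Example code, hypothetical names.)
 */
public class FormatterSandbox {

    /** Raised when a script exhausts its instruction budget. Being an Error (not a
     *  RuntimeException) it cannot be caught by a try/catch inside the script. */
    static class ScriptBudgetExceededError extends Error {
        ScriptBudgetExceededError(long budget) {
            super("script exceeded " + budget + " instructions");
        }
    }

    /** Context subclass carrying the running instruction count for one evaluation. */
    static class BudgetedContext extends Context {
        long instructionsUsed;
        BudgetedContext(ContextFactory factory) { super(factory); }
    }

    /** Factory that hands out BudgetedContexts and enforces the limits. */
    static class SandboxContextFactory extends ContextFactory {
        private final long maxInstructions;

        SandboxContextFactory(long maxInstructions) { this.maxInstructions = maxInstructions; }

        @Override
        protected Context makeContext() {
            BudgetedContext cx = new BudgetedContext(this);
            cx.setOptimizationLevel(-1);                // interpreted mode; required for instruction counting
            cx.setInstructionObserverThreshold(1000);   // observeInstructionCount() runs every 1000 instructions
            cx.setClassShutter(new ClassShutter() {     // no Java class is visible to scripts
                public boolean visibleToScripts(String fullClassName) { return false; }
            });
            return cx;
        }

        @Override
        protected Object doTopCall(Callable callable, Context cx, Scriptable scope,
                                   Scriptable thisObj, Object[] args) {
            ((BudgetedContext) cx).instructionsUsed = 0;  // fresh budget for each top-level evaluation
            return super.doTopCall(callable, cx, scope, thisObj, args);
        }

        @Override
        protected void observeInstructionCount(Context cx, int instructionCount) {
            BudgetedContext bcx = (BudgetedContext) cx;
            bcx.instructionsUsed += instructionCount;
            if (bcx.instructionsUsed > maxInstructions) {
                throw new ScriptBudgetExceededError(maxInstructions);  // unwinds out of evaluateString()
            }
        }
    }

    private final SandboxContextFactory factory;

    public FormatterSandbox(long maxInstructions) {
        this.factory = new SandboxContextFactory(maxInstructions);
    }

    /**
     * Evaluates {@code script} with a single string variable {@code input} in scope and
     * returns the result as a string. Only the sealed standard objects and {@code input}
     * are visible; no host objects are exposed.
     */
    public String format(String script, String input) {
        Context cx = factory.enterContext();
        try {
            ScriptableObject scope = cx.initStandardObjects(null, true); // sealed: script cannot alter Object, String, ...
            ScriptableObject.putProperty(scope, "input", input);
            Object result = cx.evaluateString(scope, script, "formatter", 1, null);
            return Context.toString(result);
        } finally {
            Context.exit();
        }
    }

    public static void main(String[] args) {
        FormatterSandbox sandbox = new FormatterSandbox(100000);

        // Constructed sample: the kind of formatting script a non-developer writes.
        System.out.println(sandbox.format("input.toUpperCase() + ' (' + input.length + ')';", "acme"));

        // Constructed sample: the script tries to reach the JVM; the ClassShutter turns it into a script error.
        try {
            sandbox.format("java.lang.System.exit(1);", "");
        } catch (RuntimeException e) {
            System.out.println("blocked: " + e.getMessage());
        }

        // Constructed sample: an infinite loop is cut off by the instruction budget.
        try {
            sandbox.format("while (true) {}", "");
        } catch (ScriptBudgetExceededError e) {
            System.out.println("stopped: " + e.getMessage());
        }
    }
}
```

The instruction budget is an in-process alternative to the separate-process approach the answer recommends: it stops loops in script code, but it does not bound memory use or anything the interpreter cannot observe, so the separate-process and SecurityManager advice above still applies for a hostile script. Every exception from `format` should be caught and logged by the caller, because a failing formatter is expected here and must not propagate into the rest of the application.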