[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-apl] Safe mode is not so safe

From: Christian Robert
Subject: Re: [Bug-apl] Safe mode is not so safe
Date: Wed, 29 Mar 2017 00:39:40 -0400
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0


address@hidden:/home/xtian] $ apl --help 2>&1 | fgrep safe
    --safe               safe mode (no shared vars, no native functions)

what is the meaning of "no native functions" ?

to me the Doc should be updated, or some work done to make it true.

juergen will choose.


On 2017-03-29 00:21, Elias Mårtenson wrote:
I'm implementing an IRC bot that can run arbitrary APL expressions. Since this 
bot can run code submitted by anyone, I need to ensure that the code can't 
affect the system where the APL expressions are executed.

This is the purpose of the --safe flag, but I have noted that several 
destructive operations are still permitted when using this flag.

In particular:

  * SQL operations
  * )OUT
  * )COPY, )LOAD, etc…
  * )HOST

There is probably more, but preventing these would be a good start.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]