Re: [Chicken-users] Packaging libraries securely
From: Peter Bex
Subject: Re: [Chicken-users] Packaging libraries securely
Date: Wed, 8 Aug 2007 09:06:55 +0200
User-agent: Mutt/1.4.2.3i
On Wed, Aug 08, 2007 at 05:54:04AM +0100, Tony Sidaway wrote:
> My current approach is to compile the user script with an included
> preamble which redefines important stuff. For instance:
>
> (define-macro (dummy name)
>   `(define ,name
>      (lambda x
>        (force (delay (begin (display (format "~a is not available~%" ',name))
>                             #f))))))
>
> (dummy open-input-file)
> (dummy call-with-output-file)
>
> And so on.
>
> It seems to me that I need to do this otherwise just about everything
> in the namespace will be available at runtime, co-optable for bad
> stuff.
>
> Or am I just being a silly sausage? Is there a better way of doing this?
You should have a look at the sandbox egg. It provides not only a safe
environment with lots of destructive procedures unavailable, but it also
protects against infinite loops and huge memory consumption.
Regards,
Peter
--
http://sjamaan.ath.cx
--
"The process of preparing programs for a digital computer
is especially attractive, not only because it can be economically
and scientifically rewarding, but also because it can be an aesthetic
experience much like composing poetry or music."
-- Donald Knuth
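
The sandbox approach suggested in the reply, as an added example that is not part of the original thread: instead of redefining dangerous names one by one, the script is evaluated in an environment that only contains what was explicitly put there, with a budget for evaluation steps and memory. It assumes the sandbox egg's `safe-eval`, `make-safe-environment`, `safe-environment-set!` and `default-safe-environment` as documented for the egg (check the installed version); `log-message`, `run-untrusted` and the limit values are hypothetical.

```scheme
;; Added example, not code from the thread or from the sandbox egg itself.
;; CHICKEN 3/4 load form; on CHICKEN 5 use (import sandbox) instead.
(use sandbox)

;; Child of the egg's default safe environment. Assumption: that default
;; holds the side-effect-free R5RS core and no file I/O procedures.
(define script-env
  (make-safe-environment parent: default-safe-environment
                         mutable: #t
                         extendable: #t))

;; Allowlist: the only host capability the script gets (hypothetical name).
(safe-environment-set! script-env 'log-message
  (lambda (msg) (print "script: " msg)))

;; Evaluate one untrusted expression. Any error raised by the sandbox
;; (unbound name, fuel exhausted, allocation limit hit) yields 'rejected
;; instead of propagating into the host program.
(define (run-untrusted expr)
  (handle-exceptions exn
    'rejected
    (safe-eval expr
               environment: script-env
               fuel: 10000               ; evaluation-step budget (constructed value)
               allocation-limit: 100000))) ; allocation budget (constructed value)

;; Constructed sample inputs:
(run-untrusted '(log-message "hello"))         ; uses the allowlisted binding
(run-untrusted '(+ 1 2))                       ; plain computation is fine
(run-untrusted '(open-input-file "notes.txt")) ; not bound in script-env
(run-untrusted '(let loop () (loop)))          ; stops when the fuel runs out
```

Unlike the preamble of dummy definitions, a procedure that nobody thought to redefine is simply absent here, and the last call shows the loop protection the reply mentions.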