chicken-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] Packaging libraries securely


From: Peter Bex
Subject: Re: [Chicken-users] Packaging libraries securely
Date: Wed, 8 Aug 2007 09:06:55 +0200
User-agent: Mutt/1.4.2.3i

On Wed, Aug 08, 2007 at 05:54:04AM +0100, Tony Sidaway wrote:
> My current approach is to compile the user script with an included
> preamble which redefines important stuff.  For instance:
> 
> (define-macro (dummy name)
>   `(define ,name (lambda x (force (delay (begin (display (format "~a
> is not available~%" ',name)) #f))))))
> 
> (dummy open-input-file)
> (dummy call-with-output-file)
> 
> And so on.
> 
> It seems to me that I need to do this otherwise just about everything
> in the namespace will be available at runtime, co-optable for bad
> stuff.
> 
> Or am I just being a silly sausage?  Is there a better way of doing this?

You should have a look at the sandbox egg.  It provides not only a safe
environment with lots of destructive procedures unavailable, but it also
protects against infinite loops and huge memory consuption.

Regards,
Peter
-- 
http://sjamaan.ath.cx
--
"The process of preparing programs for a digital computer
 is especially attractive, not only because it can be economically
 and scientifically rewarding, but also because it can be an aesthetic
 experience much like composing poetry or music."
                                                        -- Donald Knuth

Attachment: pgp_WDqV7v1LW.pgp
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]