[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: few plt related questions



Quoting Wojciech Sobczuk:
> - protect my scheme environment from the execution of some code. what
>   i'd like to do is execute a user-provided scheme program from my
>   server and be sure that it doesn't mess with my internal variables
>   - my first idea was to use namespaces and a custodian.

Yes - use namespaces and custodians.

>   i'd also like to, for example, restrict the program's access to a specific
>   directory - so that it can't modify files which don't reside in the given
>   directory.

This one is more difficult. There's currently no hook for restricting
the primitive I/O functions' access.

You could arrange for the namespace to contain only functions that have
been made safe by wrappers. Or, with version 200, you could require the
user-provided code to be in a specific module language:

  (module <modulename> <somelang>
   ...)

where <somelang> is a module that you implement to provide only safe
functions.

> - send various scheme objects over the net (preferrably encrypted - with 
>   OpenSSL or a similiar lib) - are there tools for this already or do i have
>   to write some up?

We have a start at SSL code sitting around, but it's not complete.

I think others have mentioned marshalling code on this list before, but
I don't remember the details.

Matthew