[Ecls-list] -shell and -load difference
Juan Jose Garcia-Ripoll
jjgarcia at users.sourceforge.net
Fri Oct 19 10:43:31 UTC 2007
2007/10/19, David Creelman <dave at geko.net.au>:
> On Thu, Oct 18, 2007 at 10:00:56AM +0200, Juan Jose Garcia-Ripoll wrote:
> > This is probably not your problem, but if you are to evaluate
> > arbitrary strings coming from an email, I would set up two security
> > measures: one is to ensure that only authorized emails run the code
> > and the other one to set up a safe environment for _reading_ the lisp
> > objects from the string. Ideally you would set up a package where
> > there is no access to system symbols and maybe some functions have
> > been removed. You might even want to deactivate #. the reader macro
> > for executing code.
>
> How do I deactivate the reader macro?
> This is quite neat. I didn't realise that the security could be this fine
> grained.
The functionality for the reader macro is described here:
http://www.lisp.org/HyperSpec/Body/sec_the_reader_dictionary.html
But you will find it more instructive to read the comp.lang.lisp
threads about security with Common Lisp, which also deal with the issue
of hiding packages and symbols. I believe there are even libraries
offering all this which have been posted to comp.lang.lisp.
Juanjo
--
Facultad de Fisicas, Universidad Complutense,
Ciudad Universitaria s/n Madrid 28040 (Spain)
http://juanjose.garciaripoll.googlepages.com
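
The measures suggested in this message (disabling `#.` and reading into a package with no access to system symbols), sketched in standard Common Lisp as an added example that is not part of the original thread and not code from ECL. The names MAIL-SANDBOX, REJECT-DISPATCH, CHECK-FORM, SAFE-READ-FROM-STRING and DEMO are hypothetical, and the sample strings are constructed.

```lisp
;; Added example. All names defined here are hypothetical, not an ECL API.

(defpackage :mail-sandbox (:use))       ; empty use list: no CL or system symbols visible

(defun reject-dispatch (stream sub-char arg)
  (declare (ignore stream arg))
  (error "Reader syntax #~A is disabled for untrusted input" sub-char))

(defparameter *safe-readtable*
  (let ((rt (copy-readtable nil)))      ; fresh copy of the standard readtable
    (dolist (c '(#\. #\= #\#) rt)       ; #. evaluates; #n= and #n# build circular data
      (set-dispatch-macro-character #\# c #'reject-dispatch rt))))

(defun check-form (form)
  "Signal an error unless FORM is built only from conses, sandbox symbols,
keywords, NIL, numbers, strings and characters. Returns FORM."
  (let ((sandbox (find-package :mail-sandbox)))
    (labels ((walk (x)
               (typecase x
                 (cons (walk (car x)) (walk (cdr x)))
                 (null t)
                 (symbol (unless (or (keywordp x)
                                     (eq (symbol-package x) sandbox))
                           ;; package-qualified input such as cl:car lands here
                           (error "Symbol ~S is outside the sandbox package" x)))
                 ((or number string character) t)
                 (t (error "Object of type ~S is not allowed" (type-of x))))))
      (walk form)
      form)))

(defun safe-read-from-string (string)
  "Read one object from STRING as data only; nothing is evaluated."
  (with-standard-io-syntax
    (let ((*read-eval* nil)             ; second line of defence if the readtable is swapped
          (*package* (find-package :mail-sandbox))
          (*readtable* *safe-readtable*))
      (check-form (read-from-string string)))))

(defun demo ()
  "Run constructed sample inputs; each result is the form read or the error text."
  (mapcar (lambda (s)
            (handler-case (safe-read-from-string s)
              (error (e) (princ-to-string e))))
          '("(add 1 2)" "#.(+ 1 2)" "(cl:car x)")))
```

This covers only the reading step. Deciding which sandbox symbols map to callable operations, and checking that the sender is authorized, are separate measures.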