[Ecls-list] Resitricted mode - possible?
Juan Jose Garcia-Ripoll
juanjose.garciaripoll at gmail.com
Mon Nov 12 08:45:22 UTC 2012
Trying to precise an answer from a private email
On Mon, Nov 12, 2012 at 12:47 AM, Peter Enerccio <enerccio at gmail.com> wrote:
> it should not be possible to break into another object's code
This is only possible through the MP package, which allows interrupting
other processes. If this package is not available for your code, this is
solved
> or environment from other objects
The "environment" in Common Lisp is made of
1* global variable bindings
2* special variable re-bindings (as in (let ((*my-special-var* foo)) ...)
3* local variable bindings
4* object slots
You can either enforce that 1* is impossible in your code (global variables
should be avoided if possible), or override all global bindings in code
that runs using 2* as in (progv list-of-special-variables
list-of-initial-assignments (eval user-code-to-be-evaluated)). 3* is not
accessible from one running code to the other. 4* is accessible only if you
provide other code with explicit references to those objects.
Since there are no pointers in Common Lisp and your DSL does not have
neither "eval" nor arbitrary symbols, there is no easy way you can overcome
this simple-minded security scheme. But once again, this is not something
ECL specific and you might get more information either in c.l.l, in the
"pro" common lisp mailing list or in the #irc channel.
Juanjo
--
Instituto de Física Fundamental, CSIC
c/ Serrano, 113b, Madrid 28006 (Spain)
http://juanjose.garciaripoll.googlepages.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.common-lisp.net/pipermail/ecl-devel/attachments/20121112/b6558373/attachment.html>
More information about the ecl-devel
mailing list