[Ecls-list] Resitricted mode - possible?

Peter Enerccio enerccio at gmail.com
Mon Nov 12 17:04:05 UTC 2012


Thanks guys, I got lot of ideas already. I will try to implements that
restricted mode.
I already implemented something that will help me to counter any infinite
loops: http://img4.hostingpics.net/pics/726857capture1352736469.png
which can pose a problem as well.


2012/11/12 Juan Jose Garcia-Ripoll <juanjose.garciaripoll at gmail.com>

> Trying to precise an answer from a private email
>
> On Mon, Nov 12, 2012 at 12:47 AM, Peter Enerccio <enerccio at gmail.com>wrote:
>
>> it should not be possible to break into another object's code
>
>
> This is only possible through the MP package, which allows interrupting
> other processes. If this package is not available for your code, this is
> solved
>
>
>> or environment from other objects
>
>
> The "environment" in Common Lisp is made of
> 1* global variable bindings
> 2* special variable re-bindings (as in (let ((*my-special-var* foo)) ...)
> 3* local variable bindings
> 4* object slots
>
> You can either enforce that 1* is impossible in your code (global
> variables should be avoided if possible), or override all global bindings
> in code that runs using 2* as in (progv list-of-special-variables
> list-of-initial-assignments (eval user-code-to-be-evaluated)). 3* is not
> accessible from one running code to the other. 4* is accessible only if you
> provide other code with explicit references to those objects.
>
> Since there are no pointers in Common Lisp and your DSL does not have
> neither "eval" nor arbitrary symbols, there is no easy way you can overcome
> this simple-minded security scheme. But once again, this is not something
> ECL specific and you might get more information either in c.l.l, in the
> "pro" common lisp mailing list or in the #irc channel.
>
> Juanjo
>
> --
> Instituto de Física Fundamental, CSIC
> c/ Serrano, 113b, Madrid 28006 (Spain)
> http://juanjose.garciaripoll.googlepages.com
>



-- 
Bc. Peter Vaňušanik
http://www.bishojo.tk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.common-lisp.net/pipermail/ecl-devel/attachments/20121112/669e718c/attachment.html>


More information about the ecl-devel mailing list