On 2002.11.28, Jeff Hobbs <[EMAIL PROTECTED]> wrote: > > Well, the answer is yes, but the subtleties are infinite. The best > way is to just create a safe interpreter: > interp create -safe myInterp > and that will create a locked down interp, if you really want to eval > completely untrusted code. However, most people want to restrict just > some stuff, and allow others. You can either start with a regular or > safe interp, and hide or expose commands as you wish.
Perhaps the idea is that if you want to offer AOLserver hosting to folks and allow them to write their own ADPs, you want to both prevent them and protect them from snooping by other users. You also want to protect folks from doing damage ... so you want to limit access to things like "file" and "load" (if you can "load" something you pretty much have free reign). A safe interpreter is probably good. Perhaps a config. setting for the ADP processor to instruct it to use a safe interp. when evaluating ADP's might be handy. > Brent Welch's book goes into this, and it is fairly well explained in > the Tcl docs. Excellent. -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70)
