Hi Mark!

Mark H Weaver <m...@netris.org> wrote:
> Every once in a while someone asks about secure sandboxing with Guile,
> and generally the response is that it should be fairly easy, by creating
> a module with carefully selected bindings, but there's nothing ready
> "out of the box".
>
> I just realized that psyntax has a security hole that prevents secure
> sandboxing, and wanted to post this fact before it was forgotten.

There are many other holes, such as the fact that ‘@@’ is compiled to the ‘toplevel-ref’ instruction, which can search inside modules.

> The problem is that psyntax accepts syntax-objects in the input, and
> syntax-objects are simply vectors (or sexps containing vectors).

I agree it would be nice to fix eventually, using structs, but it takes more than this to allow for “secure sandboxing”.

Thanks,
Ludo’.