On Wed, 25 Aug 1999, Christian Sievers wrote:

> Alexander Jacobson wrote:
> 
> > Postscript interpreters also have the ability to execute rm *.
> > The difference is that postscript interpreters have a command line option
> > to turn off file system access capabilities.
> > Is there a command line option in hugs to disallow import of System?
> 
> I don't think disallowing some imports is the way to go. For example,
> you also have Directory.removeFile, but I'd rather not suggest to
> disallow importing Directory. Instead, operations that untrusted
> code shouldn't execute could raise an exception like isPermissionError
> or isIllegalOperationError. In *nix-land, we might choose to just run
> Hugs under its own UID, so it might even write its own files, and
> delete them, but only them.

I agree with you about restricting imports.
I think the way to go is to disable access to file descriptors (the file
system and sockets) within hugs.

Or you reproduce the whole securityManager/capabilityClass regime from
Java/Netscape (see
http://developer.netscape.com/docs/manuals/signedobj/capabilities/index.html),
which would be great... it would be great to define a whole Haskell
applet infrastructure, but that is a really big job.

> > > On Tue, 24 Aug 1999, Fritz K Ruehr wrote:
> > > 
> > >  | I just convinced my local sysadmin to attach a new MIME type to
> > >  | outgoing Haskell programs sent by our web server, namely
> > >  | "application/x-haskell".
> 
> Maybe the Haskell-Version should also go into the MIME type name, as
> in "application/x-haskell98".

Yes.  OTOH, if you use ActiveX (I am assuming Windows here) then you can
avoid the whole MIME-type issue.  You simply specify the OID of the
interpreter you want and download the code.

-Alex-
___________________________________________________________________
S. Alexander Jacobson                   Shop.Com
1-212-697-0184 voice                    The Easiest Way To Shop
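
The approach quoted above, where a forbidden operation raises a permission error instead of the import being banned, can be sketched as follows. This is an added example, not part of the original message and not Hugs code; `Policy`, `Sandbox`, `allowed` and `removeFileS` are hypothetical names, and it assumes a current GHC with the `directory` and `filepath` packages on a Unix-like system.

```haskell
import Control.Exception (try)
import Data.List (isPrefixOf)
import System.Directory (createDirectoryIfMissing, doesFileExist, removeFile)
import System.FilePath (isAbsolute, normalise, splitDirectories, (</>))
import System.IO.Error (isPermissionError, mkIOError, permissionErrorType)

-- Hypothetical policy: the one directory untrusted code may modify.
newtype Policy = Policy { writableRoot :: FilePath }

-- Untrusted code is typed in Sandbox, not IO. A real module would hide the
-- constructor, leaving the checked operations as the only route to IO.
newtype Sandbox a = Sandbox { runSandbox :: Policy -> IO a }

instance Functor Sandbox where
  fmap f (Sandbox g) = Sandbox (fmap f . g)
instance Applicative Sandbox where
  pure = Sandbox . const . pure
  Sandbox f <*> Sandbox g = Sandbox (\p -> f p <*> g p)
instance Monad Sandbox where
  Sandbox g >>= k = Sandbox (\p -> g p >>= \a -> runSandbox (k a) p)

-- Lexical check only: absolute, no "..", strictly below the root.
-- Symlinks are not resolved; running under a separate UID covers that gap.
allowed :: Policy -> FilePath -> Bool
allowed pol path =
  isAbsolute path && ".." `notElem` parts && root `isPrefixOf` parts
    && length parts > length root
  where
    root  = splitDirectories (normalise (writableRoot pol))
    parts = splitDirectories (normalise path)

-- Checked counterpart of Directory.removeFile.
removeFileS :: FilePath -> Sandbox ()
removeFileS path = Sandbox $ \pol ->
  if allowed pol path
    then removeFile path
    else ioError (mkIOError permissionErrorType "removeFileS" Nothing (Just path))

main :: IO ()
main = do
  let root = "/tmp/hugs-sandbox-demo"   -- constructed sample path
      pol  = Policy root
      own  = root </> "out.txt"
  createDirectoryIfMissing True root
  writeFile own "scratch"
  runSandbox (removeFileS own) pol      -- inside the root: really deleted
  doesFileExist own >>= print
  r <- try (runSandbox (removeFileS (root </> "../../etc/hosts")) pol)
  print (either isPermissionError (const False) (r :: Either IOError ()))
```

The type-level restriction only holds if untrusted code cannot name `IO` primitives directly, so it complements rather than replaces the separate-UID and file-descriptor restrictions discussed in the thread.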
