Warning: pseudo-caml below since I don't know Haskell too well. But in
trying to learn I came across interesting concept of monad, and that is
what inspired the following idea. I would just like to know if anyone
thinks it's interesting and if someone has already developed it.
Inspired by monads, I had the following idea for controlled sandboxing of an
application. I'll give you a very concrete scenario, but maybe it isn't the
most interesting use of idea. I download a program
off the Internet that claims to do some interesting transformation on
my data. But I don't trust the application not to send my secret data
back to the web site. I could achieve this by running the program in a
sandbox that doesn't allow it to send data over the Internet. But maybe the
program has legitimate reasons to send data, e.g., the company charges based
on how much data I transform, so the program wants to periodically send
messages to the web site saying it performed some units of work.
The idea is just that if my data has type t, instead of a program of type t
-> t, the website provides a program of type m -> m written in a monadic
style. Actually m = t, and the bind operation (>>=) is trivial. But it is
run in the sandbox. Here is pseudo-code, where MYDATA is thought of as a
well-known signature of a well-known standard, like JPEG or something, with
standard implementation MyData (though I could change MyData as long as I
think my changes won't break the code I got off the web site) and
DataTransformer is the untrusted code from the web site. In some
applications, probably you could get away with just bind and return, but for
the example I give here, the untrusted code needs a way to find out if the
data is done being transformed. I implement that by providing an is_done
function, but note that this could be a security hole. A safer way might be
to have really_do_100_steps throw an exception when it finishes that would
be caught by bind.
module MyData =
struct
type t = ...
type m = t
let (>>=) mm f = try run_in_sandbox (fun _ -> f mm)
with _ -> failwith "gotcha"
let return x = x
(* functions that only run in the sandbox *)
... things that take t's ...
(* functions that can run outside the sandbox *)
let is_done = ...
... other things that take m's ...
end
module type MYDATA =
sig
type t = ...
type m
val (>>=) : m -> (t -> m) -> m
val return : t -> m
is_done : m -> bool
... other stuff ...
end
module DataTransformer =
struct
let really_do_100_steps x = ...
let do_100_steps x = x >>= (function y ->
return (really_do_100_steps y))
let rec doit x =
bill_customer_for_100_steps ();
let x' = do_100_steps x in
if is_done x' then x' else doit x'
end
_________________________________________________________________
Join the world’s largest e-mail service with MSN Hotmail.
http://www.hotmail.com
_______________________________________________
Haskell mailing list
[EMAIL PROTECTED]
http://www.haskell.org/mailman/listinfo/haskell
