Stefan wrote: > 2. if you try to audit all code that gets loaded and executed with RT prio, > and only load "trusted code", you're facing an endless task This might actually be an option...
If you let the _server_ examine the code on load / execution. Since it is possible to intercept external calls - like fopen(). Recent messages show that we even can let the server compile the plugin - "runtime / compiletime processing proof of concept" And since it does the compilation it can chose which headers are allowed. /RogerL -- Roger Larsson Skellefte� Sweden
