Howdy, Gabriele:
>... it's better to quit REBOL just after running an untrusted
> script, because you can't know if it has changed every word in the
> global context to do evil things.
Using the new ability to QUERY objects, you can do the following:
protect 'query
query/clear system/words
do %some-script.r
new-or-modified-words: query/clear system/words
Then you can tell if something's messed with any of the system
words. For additional security, point another word at QUERY first,
ie:
check-object: :query
Note: New words may show up in the return that are not necessarily
new global words, but were defined in another context. To determine
which are new globals you can iterate over the contents of the
returned block and test them with VALUE?
If you find the word SECURE in the block you can assume the
script's up to no good.
-jeff
