On Wed, Apr 12, 2017 at 3:34 PM, LaeMing <[email protected]> wrote:
> Hi, I am fishing about for an environment to try to develop a simple
> virtual
> world system in (yes, I'm aware of croquet/cobolt!).
>
> In a smalltalk-like environment, that might conceivably involve inviting
> multiple people into the 'image' where the world is hosted to interact with
> objects within it (if I was to use a smalltalk, it would want it to
> interleave the entire system, not just host it on top.)
>
> What sort of security implications might that have and are there any
> current
> solutions to a multi-user single-image situation?
>
If you want hostile actors working directly within the Image with a full
environment, then Pharo is probably not suitable. Its easy to get hold of
global class from the Playground references and overwrite/compile any
method in the system like this...
SomeClass compile: 'initialize
MyEvilHack dostuff.
^ super initialize '
You might want to consider Newspeak, which runs on the same VM as Pharo and
has a focus on security.
* https://www.slideshare.net/esug/8-gilad-brachaesug08
* https://www.youtube.com/watch?v=UwkROn7OmNQ
cheers -ben
