On Sun, Aug 31, 2014 at 12:09 PM, Tomas Hlavaty <t...@logand.com> wrote:
> would this clasify?
You mean «clarify»?
> $ cat >/dev/null
> rm -fr /
> I executed arbitrary script while limiting its effects.
> The most important missing part is to define, what functionality exactly
> do you want to allow and which effects are acceptable.
Allow: execution flow, setting/defining symbols, maths operations, print,
Deny: system calls (or controlled by ACL), file operations (or
sandboxed), redefine important symbols
> Even if you
> allow "safe" operations (whatever that means), users could spin your
> machine in a loop eating precious CPU time. How would you limit that at
> PicoLisp or Tcl level?
Indeed. Admittedly derisory measures would be limiting number of iterations,
http://profgra.org/lycee/ (professional site)
http://delicious.com/profgraorg (links, bookmarks)
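The allow/deny policy and the iteration limit discussed in this exchange, as an added Python example that is not from the thread and not PicoLisp or Tcl code: a toy s-expression evaluator that only allows maths, symbol definition and `while`, refuses everything else (so a `call` or `open` never reaches the host), protects its own primitives from `setq`, and charges every evaluation step against a budget so a runaway loop is cut off. `ALLOWED`, `PROTECTED`, `parse`, `run` and the step-budget scheme are all assumptions of this example.

```python
import operator
class SandboxError(Exception): pass
# Allowlist: maths and comparison only; system calls and file I/O have no entry here.
ALLOWED = {"+": operator.add, "-": operator.sub, "*": operator.mul, "<": operator.lt}
PROTECTED = frozenset(ALLOWED) | {"setq", "while"}  # symbols a script may not redefine

def parse(src):  # minimal s-expression reader: returns the list of top-level forms
    tokens = src.replace("(", " ( ").replace(")", " ) ").split()
    def read(pos):
        tok = tokens[pos]
        if tok != "(":
            return (int(tok) if tok.lstrip("-").isdigit() else tok), pos + 1
        items, pos = [], pos + 1
        while tokens[pos] != ")":
            item, pos = read(pos)
            items.append(item)
        return items, pos + 1
    forms, pos = [], 0
    while pos < len(tokens):
        form, pos = read(pos)
        forms.append(form)
    return forms

def run(src, max_steps):
    env, budget, result = {}, [max_steps], None
    def ev(x):
        budget[0] -= 1                        # every evaluation step costs one unit
        if budget[0] < 0:
            raise SandboxError("step budget exhausted")
        if isinstance(x, int): return x
        if isinstance(x, str):                # symbol lookup
            if x in env:
                return env[x]
            raise SandboxError("unknown symbol " + x)
        head, *args = x
        if head == "setq":                    # defining symbols is allowed...
            name, val = args
            if not isinstance(name, str) or name in PROTECTED:
                raise SandboxError("cannot redefine %r" % (name,))  # ...important ones are not
            env[name] = ev(val)
            return env[name]
        if head == "while":                   # execution flow is allowed, bounded by the budget
            while ev(args[0]): ev(args[1])
            return None
        if isinstance(head, str) and head in ALLOWED:
            return ALLOWED[head](*[ev(a) for a in args])
        raise SandboxError("operation not allowed: %r" % (head,))
    for form in parse(src):
        result = ev(form)
    return result
```

A real interpreter would also need limits on memory and recursion depth; the step budget only bounds CPU time spent in the evaluator itself.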