On Sun, Aug 31, 2014 at 12:09 PM, Tomas Hlavaty <[email protected]> wrote:
>
> would this clasify?

You mean «clarify»?

> $ cat >/dev/null
> rm -fr /
> ^d
>
> I executed arbitrary script while limiting its effects.

Indeed.

> The most important missing part is to define, what functionality exactly
> do you want to allow and which effects are acceptable.

Some examples:

Allow: execution flow, setting/defining symbols, maths operations, print,
Deny: system calls (or controlled by ACL), file operations (or sandboxed), redefine important symbols

> Even if you
> allow "safe" operations (whatever that means), users could spin your
> machine in a loop eating precious CPU time. How would you limit that at
> PicoLisp or Tcl level?

Indeed. Admittedly derisory measures would be limiting number of iterations, execution time…

chri

--
http://profgra.org/lycee/ (site pro)
http://delicious.com/profgraorg (liens, favoris)
https://twitter.com/profgraorg
http://microalg.info
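
On the Tcl side of the question, the allow/deny split and the iteration and time caps discussed above map onto safe interpreters and `interp limit`. The following is an added example, not code from this thread; it assumes Tcl 8.5 or later, and `run_untrusted`, `print` and `::sandbox_output` are hypothetical names chosen for illustration.

```tcl
# Added example: run an untrusted script in a safe child interpreter
# with a command-count budget and a wall-clock deadline.
proc run_untrusted {script {maxCommands 5000} {maxSeconds 2}} {
    # -safe hides exec, open, file, socket, source, load, cd, exit, ...
    set box [interp create -safe]
    set ::sandbox_output {}

    # "print" from the allow list: an alias into the trusted interpreter
    # that only appends to a buffer, so the script never gets a channel.
    interp alias $box print {} apply {{msg} {
        lappend ::sandbox_output $msg
        return
    }}

    # Both limits are absolute values, so offset them from the current state.
    set used [interp eval $box {info cmdcount}]
    interp limit $box commands -value [expr {$used + $maxCommands}]
    interp limit $box time -seconds [expr {[clock seconds] + $maxSeconds}]

    # A limit violation cannot be caught inside the child; it surfaces
    # here, in the trusted interpreter, as an ordinary error.
    set failed [catch {interp eval $box $script} result]
    interp delete $box
    return [list [expr {$failed ? "error" : "ok"}] $result $::sandbox_output]
}

# Constructed sample inputs:
# allowed: control flow, variables, maths, print
puts [run_untrusted {set x [expr {6 * 7}]; print "x=$x"; set x}]
# denied: process execution and file access are hidden commands
puts [run_untrusted {exec id}]
puts [run_untrusted {open /etc/hostname}]
# CPU hog: stopped by the command-count limit
puts [run_untrusted {while 1 {incr i}}]
# a single long-running command: stopped by the time limit
puts [run_untrusted {after 5000} 5000 1]
```

The child can still redefine commands inside its own interpreter, but that only affects the child, which is deleted after each run. Memory consumption is not covered by either limit and would need an operating-system control such as a process resource limit.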
