On Mon, Sep 1, 2014 at 5:52 AM, Tomas Hlavaty <t...@logand.com> wrote:
>
> […] it is unsafe by design.
> […]
> even if you bind those symbols to 'prog', an attacker could set them to
> the original values, which are simple numbers.

Hey, this is a very nice idea and answer to my question of safe interps.

> It should be possible to
> find the original values from another instance of picolisp, for example.

Is it always possible?

> Or simply call something that crashes PicoLisp, e.g.
> […]

Here comes the power of embedded interpreters, which PicoLisp
does not have.

Thanks to all for this interesting discussion !


chri

-- 

http://profgra.org/lycee/ (site pro)
http://delicious.com/profgraorg (liens, favoris)
https://twitter.com/profgraorg
http://microalg.info
--
UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe

Reply via email to