On Mon, Jun 27, 2011 at 9:48 AM, Jukka Tuominen <jukka.tuomi...@finndesign.fi> wrote:
> BTW, 'secure' in this context may mean allowing even critical system calls
> (say format harddisk), if so specified. But the user should not be able to
> do anything else than specified.

The `sandbox' infrastructure is fairly flexible. Just by constructing a
namespace and doing the `eval' in that namespace, you'll be able to
restrict which identifiers the remote user can refer to. If those are
very limited, that might be enough for security.

>> -----Original Message-----
>> From: sam...@gmail.com [mailto:sam...@gmail.com]On Behalf Of Sam
>> Tobin-Hochstadt
>> Sent: 27 June 2011 16:10
>> To: Jukka Tuominen
>> Cc: users@racket-lang.org
>> Subject: Re: [racket] Limiting net-repl provided functions
>>
>> On Mon, Jun 27, 2011 at 8:48 AM, Jukka Tuominen
>> <jukka.tuomi...@finndesign.fi> wrote:
>> >
>> > The basic client/server functionality is already working, but it's too big a
>> > security risk outside LAN use. It seems to be easier to add functionality
>> > than ripping them off. Perhaps creating a custom #%top definition to
>> > interfere with the default symbol lookup...?
>>
>> The right place to look is at sandboxes:
>> http://docs.racket-lang.org/reference/Sandboxed_Evaluation.html
>> and namespaces:
>> http://docs.racket-lang.org/guide/mk-namespace.html
>>
>> --
>> sam th
>> sa...@ccs.neu.edu

--
sam th
sa...@ccs.neu.edu
_________________________________________________
  For list-related administrative tasks:
  http://lists.racket-lang.org/listinfo/users
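
The namespace approach described in the reply above, as an added example that is not part of the original thread or of any net-repl code: an empty namespace receives only an allow-list of bindings, and every remote expression is evaluated there. The names `allowed-ids`, `make-restricted-namespace` and `safe-eval`, and the allow-list contents, are assumptions chosen for illustration.

```racket
#lang racket/base
;; Added example: allow-list evaluation through a restricted namespace.
;; All names defined here are hypothetical, not from the thread.

;; The only identifiers a remote expression may refer to (constructed list).
(define allowed-ids '(+ - * string-append string-length))

(define (make-restricted-namespace ids)
  ;; racket/base is attached to the new namespace, but nothing is bound in it yet.
  (define ns (make-base-empty-namespace))
  (parameterize ([current-namespace ns])
    ;; #%app and #%datum are the implicit forms behind applications and
    ;; literals. `quote`, `lambda`, `require`, `module` and `eval` are not
    ;; imported, so they stay unbound for the remote user.
    (namespace-require `(only racket/base #%app #%datum ,@ids)))
  ns)

(define (safe-eval expr ns)
  ;; Unbound identifiers are rejected during expansion, before any part of
  ;; the expression runs. Return a tagged result instead of propagating.
  (with-handlers ([exn:fail? (lambda (e) (list 'rejected (exn-message e)))])
    (list 'ok (eval expr ns))))

(define ns (make-restricted-namespace allowed-ids))

;; Constructed sample inputs, as they might arrive from a remote client.
(for ([expr (in-list '((+ 1 (* 2 3))
                       (string-append "net" "-repl")
                       (delete-file "/tmp/example")
                       (require racket/system)
                       (eval (quote (+ 1 2)))))])
  (printf "~s => ~s\n" expr (safe-eval expr ns)))
```

An allow-list of names restricts what can be called but does not bound CPU time or memory; those limits are what the `racket/sandbox` evaluators linked in the thread add. Every procedure placed on the allow-list must itself be safe to hand to the remote user with arbitrary arguments.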