That's something very do-able with the basic package system that will precede Planet 2.0.
Jay On Thu, Aug 18, 2011 at 1:33 PM, Neil Van Dyke <[email protected]> wrote: > Matthias Felleisen wrote at 08/16/2011 05:26 PM: >> >> We (Jay, Robby, Matthew, Eli, and I) have been thinking along these lines >> for a few weeks. Robby is slowly putting the infrastructure into place for >> these things to happen eventually. -- Matthias >> > > If you guys are also doing any work on PLaneT itself, one thing that might > be good to do at the same time is to make the mechanism that handles PLaneT > "require"s be pluggable by the user. > > Over the years, several times I've mentioned security and stability issues > involving PLaneT packages. Now I'm wondering whether, rather than trying to > get all the security right in core Racket, it would be a lot easier to make > the mechanism pluggable. If pluggable, then organizations and applications > could plug in their own policies for what packages and versions are > permissible, from where are they gotten and how, how are they authenticated, > any constraints on installing (e.g., sandboxing, requiring user to inspect > and approve, etc.). This would also make it easier for people other than > the PLaneT maintainer to experiment with behavior and to upload their > modified behavior as PLaneT packages for others to try. > > -- > http://www.neilvandyke.org/ > _________________________________________________ > For list-related administrative tasks: > http://lists.racket-lang.org/listinfo/users > -- Jay McCarthy <[email protected]> Assistant Professor / Brigham Young University http://faculty.cs.byu.edu/~jay "The glory of God is Intelligence" - D&C 93 _________________________________________________ For list-related administrative tasks: http://lists.racket-lang.org/listinfo/users
