[racket-dev] [plt] Push #27106: master branch updated

From: Sam Tobin-Hochstadt (samth at ccs.neu.edu)
Date: Sun Jul 7 13:42:22 EDT 2013

Previous message: [racket-dev] sticky: bad
Next message: [racket-dev] [plt] Push #27106: master branch updated
Messages sorted by: [date] [thread] [subject] [author]

On Sun, Jul 7, 2013 at 1:26 PM,  <mflatt at racket-lang.org> wrote:
>
> | Finally, `racket/base' provides the new function
> | `call-with-default-reading-parameterization', which is used to guard
> | various file `read's to make them consistent and avoid security holes.

It looks like `call-with-default-reading-parameterization` allows
reading compiled code. This seems potentially worrying in the contexts
where we're reading various package-related files.

Sam

Posted on the dev mailing list.

Previous message: [racket-dev] sticky: bad
Next message: [racket-dev] [plt] Push #27106: master branch updated
Messages sorted by: [date] [thread] [subject] [author]