[plt-scheme] Re: Sandboxing and modules

From: Eli Barzilay (eli at barzilay.org)
Date: Sat Feb 7 12:56:44 EST 2004

On Feb  7, David Van Horn wrote:
> You can prevent file and network access with Security Guards
> (Sec. 9.1 of MzScheme Language Manual).
> 
> E.g. the following should disallow all network and file access
> attempts by untrusted-s-expr (not tested):
> 
> (parameterize ((current-security-guard
>                  (make-security-guard (current-security-guard)
>                                       (lambda _ #f)
>                                       (lambda _ #f))))
>    (eval untrusted-s-expr))

No:

| > (parameterize ((current-security-guard
|                  (make-security-guard (current-security-guard)
|                                       (lambda _ #f)
|                                       (lambda _ #f))))
|    (eval '(with-input-from-file "/etc/passwd" read-line)))
| "root:x:0:0:root:/root:/bin/bash"

From the manual:

  The return value of file-proc or network-proc is ignored.  To deny
  access, the procedure must raise an exception or otherwise escape
  from the context of the primitive call.  If the procedure returns,
  the parent's corresponding procedure is called on the same inputs,
  and so on up the chain of security guards.

-- 
          ((lambda (x) (x x)) (lambda (x) (x x)))          Eli Barzilay:
                  http://www.barzilay.org/                 Maze is Life!


Posted on the users mailing list.
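A guard that actually denies, as an added example that is not part of the original thread or of the MzScheme manual: the guard procedures raise instead of returning, so control never falls through to the parent guard. It is written against the current Racket names (`make-security-guard`, `current-security-guard`, `make-base-namespace`), which keep the three-argument shape used in the thread; `strict-guard` and `eval-sandboxed` are hypothetical helper names introduced here.

```racket
#lang racket/base

;; Added example, not code from the original post or the manual.
;; A security guard only denies access when its procedure escapes
;; (raises). Returning any value, including #f, means "ask the parent".

;; File guard: called with the primitive's name, the path, and the
;; requested modes (e.g. '(read)). We escape via error, which denies.
(define (deny-file who path modes)
  (error who "file access denied: ~a ~a" path modes))

;; Network guard: called with the primitive's name, host, port and
;; a client/server indicator. Same rule: raise to deny.
(define (deny-network who host port mode)
  (error who "network access denied: ~a:~a (~a)" host port mode))

;; Child of the current guard; the parent is never consulted because
;; our procedures never return. (Hypothetical helper name.)
(define (strict-guard)
  (make-security-guard (current-security-guard) deny-file deny-network))

;; Evaluate an untrusted S-expression with file and network access cut
;; off. The guard's exception is caught so the caller sees a result,
;; either (list 'ok value) or (list 'denied message).
;; Note: the parameterize expressions (guard, namespace) are evaluated
;; before the new guard is installed, so setting things up is not itself
;; blocked; only the body runs under the strict guard.
(define (eval-sandboxed untrusted-s-expr)
  (with-handlers ([exn:fail? (lambda (e) (list 'denied (exn-message e)))])
    (parameterize ([current-security-guard (strict-guard)]
                   [current-namespace (make-base-namespace)])
      (list 'ok (eval untrusted-s-expr)))))

(module+ main
  ;; The read that slipped past the #f-returning guard in the thread
  ;; is now refused at open-input-file.
  (displayln (eval-sandboxed '(with-input-from-file "/etc/passwd" read-line)))
  ;; Pure computation is unaffected.
  (displayln (eval-sandboxed '(+ 1 2))))
```

Two caveats a practitioner would want alongside this: first, because `(lambda _ #f)` returns, the guard in the original message is behaviourally identical to having no extra guard at all, which is exactly what the `/etc/passwd` transcript above shows; second, security guards only mediate the filesystem and network primitives, so they do nothing about an untrusted expression that loops forever or allocates without bound, which needs a separate resource limit (custodians or a thread with a timeout) rather than a guard.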