[plt-scheme] (in)security in a top-level eval

From: support at taxupdate.com (support at taxupdate.com)
Date: Tue Feb 20 05:02:46 EST 2007

I'm developing a program which includes eval's on user-generated code.  Before
getting too far down this road, I'd like to be clear on the security issues.

Currently, I enclose user code within a security guard that should prevent file
writes and network access.  But the code is eval'ed at the top level, so I'm
wondering what type of concerns this brings up.  Any guidance?

Wayne


Posted on the users mailing list.