[racket] Handin Server + PLAI problem [and 1 more messages] [and 2 more messages]

From: Matthew Flatt (mflatt at cs.utah.edu)
Date: Sun Jan 15 21:46:13 EST 2012

How about adding `racket/sandbox/keys':

 #lang racket/base

 (provide (protect-out suspend-file-security-key))

 (define suspend-file-security-key (gensym))

 ;; maybe more keys for other sandbox controls

and then have "main-collects.rkt" wrap its use of
`find-executable-path' to install a mark with this key, which the
sandbox security guard will recognize as permission to inspect files.

Since the key is protected, it will be inaccessible to untrusted code
in the same way as unsafe operations.

At Sun, 15 Jan 2012 20:05:31 -0500, Eli Barzilay wrote:
> Yesterday, Robby Findler wrote:
> > Perhaps the right thing is to have the setup code export a small
> > library that contains a "is my mark bound in the context" function
> > and then the sandbox can call that function when deciding whether or
> > not to grant permission.
> > 
> > (That has the dependencies going the right way, right?)
> Yes.  But I'd like to hear Matthew's opinion before hacking something
> like that in.
> The thing that bothers me about this solution is that there might be some
> other code that needs to be treated as privileged too, and in that
> case the sandbox will need to invoke each file's predicate (they won't
> be able to share this functionality since the actual values must be
> hidden).  For this reason, and assuming that this is a proper
> solution, the parameter is better put at the "highest" entry point to
> the privileged code.  I suspect that this means that it should be part
> of the resolver, but only in the built-in unconfigurable core
> (otherwise you can circumvent protection by a configured malicious
> resolver), so perhaps this has to be done in the C core.
> It's also not clear to me if a whole parameter is needed, or just a
> continuation mark.
> -- 
>           ((lambda (x) (x x)) (lambda (x) (x x)))          Eli Barzilay:
>                     http://barzilay.org/                   Maze is Life!
> ____________________
>   Racket Users list:
>   http://lists.racket-lang.org/users

Posted on the users mailing list.
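The following is an added example, not code from Matthew's message or from the Racket distribution, showing the three pieces his proposal combines: a protected `gensym` key, a continuation mark installed only for the dynamic extent of the privileged call, and a security guard that grants file access only when that mark is present. The submodule name `keys`, the helper names `call-with-file-security-suspended`, `make-sandbox-security-guard`, `trusted-probe` and `untrusted-probe`, and the sample path are assumptions made for illustration; `file-exists?` stands in for the `find-executable-path` use in "main-collects.rkt".

```racket
#lang racket/base
;; Added example (not from the original message). Demonstrates the
;; protected-key + continuation-mark + security-guard pattern.

;; Trusted side: the key lives in a module whose export is protected, so
;; code running under a weaker code inspector cannot obtain it.
;; (Submodule name is an assumption; the real proposal used racket/sandbox/keys.)
(module keys racket/base
  (provide (protect-out suspend-file-security-key))
  ;; gensym yields an uninterned symbol: it cannot be forged by spelling its name
  (define suspend-file-security-key (gensym 'suspend-file-security)))

(require 'keys)

;; What the trusted layer wraps around its privileged call: the mark is
;; visible only while THUNK runs, and disappears when it returns.
(define (call-with-file-security-suspended thunk)
  (with-continuation-mark suspend-file-security-key #t
    (thunk)))

;; Sandbox side: a security guard that consults the current continuation
;; for the mark before allowing any file operation. Network access is
;; refused outright.
(define (make-sandbox-security-guard)
  (make-security-guard
   (current-security-guard)
   (lambda (who path modes)
     (unless (continuation-mark-set-first #f suspend-file-security-key)
       (error who "file access denied by sandbox: ~a ~a" path modes)))
   (lambda (who host port client/server)
     (error who "network access denied by sandbox"))))

;; Simulates untrusted code: no mark installed, so the guard refuses.
(define (untrusted-probe path)
  (parameterize ([current-security-guard (make-sandbox-security-guard)])
    (file-exists? path)))

;; Simulates the trusted wrapper: same guard, but the mark is in place.
(define (trusted-probe path)
  (parameterize ([current-security-guard (make-sandbox-security-guard)])
    (call-with-file-security-suspended
     (lambda () (file-exists? path)))))

(module+ main
  ;; Constructed sample path; only its existence is probed, nothing is written.
  (define sample (build-path (find-system-path 'temp-dir) "probe.txt"))
  (printf "trusted probe: ~a\n" (trusted-probe sample))
  (printf "untrusted probe: ~a\n"
          (with-handlers ([exn:fail? exn-message])
            (untrusted-probe sample))))
```

Two points worth keeping in mind when using this pattern. First, the protection rests entirely on `protect-out` plus the code inspector: the sandbox must run untrusted code under a different inspector than the one that compiled the key module, otherwise the key is simply `require`-able. Second, `continuation-mark-set-first` answers for the whole dynamic extent, so the marked region should wrap only the privileged primitive itself (as with `find-executable-path` in the proposal) and never call back into untrusted code, or that code inherits the permission while the mark is live.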