[plt-scheme] Safely evaluating arbitrary scheme code?

From: scott-dated-1057608751.25e8a7 at bandwidthcoop.org (scott-dated-1057608751.25e8a7 at bandwidthcoop.org)
Date: Fri Jun 27 16:51:11 EDT 2003

Hi everyone, 

I have a CGI script which takes Scheme code from a form, evaluates it, and 
prints out the result. This is, of course, a giant security risk. I'm 
investigating the possibility of making this secure. 

MzScheme provides security guards, which control a thread's access to the
file system and the network. My program needs access to some files. The
program does its work, installs a security guard which prevents any file or
net access, then evals the code.

I'd appreciate feedback on this approach, specifically: 

   -Is this sufficient to protect the server? A good start, but more needs 
to be done? Or madness, and best not attempted? 

   -I'm starting an examination of the library APIs to see if there are other
potential security threats. Is there anything undocumented that I should be
wary of?

Thanks in advance for any help, 

Scott Lewis
scott-dated-1057608751.25e8a7 at bandwidthcoop.org 


Please note: I'm not positive the configuration is correct on my spam filter 
(tmda). If you have any problem replying to the above address, you can email 
me at my regular address (scott at bandwidthcoop.org). But you'll have to reply 
to tmda's challenge email for it to get through. Sorry for any 
inconvenience.
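The approach described in the post, as an added example that is not Scott's code: a deny-all security guard installed around `eval` of untrusted input, combined with a custodian memory limit and a wall-clock timeout, since a security guard only mediates file, network and subprocess access and does nothing about runaway CPU or memory. It assumes modern Racket (the successor of MzScheme) and that exposing `racket/base` bindings to the evaluated code is acceptable.

```racket
#lang racket/base

;; A security guard whose callbacks always raise: any primitive that consults
;; the guard (file open, directory listing, subprocess, TCP connect/listen)
;; fails with the error raised here.  (Added example, not the original code.)
(define (make-deny-all-guard)
  (make-security-guard
   (current-security-guard)
   (lambda (who path modes)                          ; file-system guard
     (error who "file access denied: ~a ~a" path modes))
   (lambda (who host port client?)                   ; network guard
     (error who "network access denied: ~a:~a" host port))))

;; Evaluate EXPR in a fresh racket/base namespace, under the deny-all guard,
;; inside a custodian that caps memory, with a timeout.  Returns
;; (list 'ok value), (list 'error message) or (list 'error "timeout").
;; Keyword defaults are assumptions, not tuned values.
(define (eval-untrusted expr #:seconds [secs 2] #:memory-mb [mb 64])
  (define cust (make-custodian))
  (custodian-limit-memory cust (* mb 1024 1024))
  (define result-ch (make-channel))
  (define worker
    (parameterize ([current-custodian cust]
                   [current-security-guard (make-deny-all-guard)]
                   [current-namespace (make-base-namespace)])
      (thread
       (lambda ()
         (channel-put
          result-ch
          (with-handlers ([(lambda (e) #t)
                           (lambda (e)
                             (list 'error (if (exn? e) (exn-message e) e)))])
            (list 'ok (eval expr))))))))
  ;; Either a result arrives, the worker dies (e.g. memory limit hit), or
  ;; we give up after SECS seconds; in every case the custodian is torn down.
  (define outcome
    (sync/timeout secs
                  result-ch
                  (handle-evt worker (lambda (_) (list 'error "worker killed")))))
  (custodian-shutdown-all cust)
  (or outcome (list 'error "timeout")))

(module+ main
  (displayln (eval-untrusted '(+ 1 2)))
  (displayln (eval-untrusted '(with-input-from-file "/etc/passwd" read)))
  (displayln (eval-untrusted '(let loop () (loop)))))
```

The guard covers only operations that consult it; whatever bindings the namespace exposes (here all of `racket/base`) remain callable, so auditing that exposed surface is the remaining piece of Scott's second question.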


Posted on the users mailing list.