[plt-scheme] Insecure procedures

From: Eli Barzilay (eli at barzilay.org)
Date: Tue Aug 17 15:39:02 EDT 2004

On Aug 17, Don Felgar wrote:
> I plan to provide a Scheme service on a semi-public server.  Does
> anyone have a list of procedures that are inherently unsafe?  For
> the time being I'm not talking about resource hogging or similar
> attacks.  I mean system, eval, load, open-input-file and etc,
> procedures that directly facilitate abuse.  Does such a list exist?

For preventing file access you should read about security guards:

  (current-security-guard
   (make-security-guard
    (current-security-guard)            ; parent guard, still consulted
    (lambda (who path what)             ; file guard: `what' is a list of
      (when (memq 'execute what)        ; 'read 'write 'execute 'delete 'exists
        (error "I'm sorry Dave, I'm afraid I can't do that.")))
    void))                              ; network guard: allows everything

I don't see the problem with `eval' etc.  If you're planning to let
different users run code, then you'll probably want to set each user
with a different namespace.  (I once hacked a remote Scheme thing
which did something similar, in case you want some half-baked code.)

-- 
          ((lambda (x) (x x)) (lambda (x) (x x)))          Eli Barzilay:
                  http://www.barzilay.org/                 Maze is Life!
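Putting the two halves of this reply together, as an added example (not Eli's code, and written for current Racket rather than 2004 PLT Scheme): a guard that denies every file mode except existence checks and all network use, plus a fresh namespace for each evaluation. The names `make-sandbox-guard` and `run-untrusted` are assumed here, not part of the thread.

```racket
#lang racket

;; Added example, not from the original post. A security guard that
;; denies file reads/writes/execute/delete and every network operation;
;; only 'exists checks (file-exists? and friends) are allowed.
(define (make-sandbox-guard)
  (make-security-guard
   (current-security-guard)
   ;; file guard: `modes` is a list drawn from
   ;; '(read write execute delete exists)
   (lambda (who path modes)
     (for ([m (in-list modes)])
       (unless (eq? m 'exists)
         (error who "file access denied: ~a ~a" path modes))))
   ;; network guard: `role` is 'client or 'server; refuse both
   (lambda (who host port role)
     (error who "network access denied: ~a:~a (~a)" host port role))))

;; Evaluate one user-supplied expression (as source text) under the guard.
;; The namespace is created before the guard is installed, so attaching
;; racket/base never has to pass the file guard; each call gets its own
;; namespace so one user's definitions never leak into another's run.
(define (run-untrusted src)
  (define ns (make-base-namespace))
  (parameterize ([current-security-guard (make-sandbox-guard)]
                 [current-namespace ns])
    (with-handlers ([exn:fail? (lambda (e) (list 'error (exn-message e)))])
      ;; `read` refuses #reader / #lang extensions because
      ;; read-accept-reader defaults to #f.
      (list 'ok (eval (read (open-input-string src)))))))

(module+ main
  (run-untrusted "(+ 1 2)")                               ; '(ok 3)
  (run-untrusted "(open-input-file \"/etc/hostname\")")   ; '(error "open-input-file: file access denied: ...")
  (run-untrusted "(tcp-connect \"example.com\" 80)"))     ; '(error "tcp-connect: network access denied: ...")
```

The guard only mediates filesystem and network primitives; CPU and memory limits are a custodian matter (racket/sandbox's make-evaluator bundles both), which is the resource-hogging case the question sets aside.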


Posted on the users mailing list.