[plt-scheme] Re: Sandboxing and modules
On Feb 7, David Van Horn wrote:
> You can prevent file and network access with Security Guards
> (Sec. 9.1 of MzScheme Language Manual).
>
> Eg. the following should disallow all network and file access
> attempts by untrusted-s-expr (not tested):
>
> (parameterize ((current-security-guard
>                 (make-security-guard (current-security-guard)
>                                      (lambda _ #f)
>                                      (lambda _ #f))))
>   (eval untrusted-s-expr))
No:

| > (parameterize ((current-security-guard
|                   (make-security-guard (current-security-guard)
|                                        (lambda _ #f)
|                                        (lambda _ #f))))
|     (eval '(with-input-from-file "/etc/passwd" read-line)))
| "root:x:0:0:root:/root:/bin/bash"

From the manual:

  The return value of file-proc or network-proc is ignored. To deny
  access, the procedure must raise an exception or otherwise escape
  from the context of the primitive call. If the procedure returns,
  the parent's corresponding procedure is called on the same inputs,
  and so on up the chain of security guards.

--
((lambda (x) (x x)) (lambda (x) (x x))) Eli Barzilay:
http://www.barzilay.org/ Maze is Life!
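
Added example, not part of the original post: a guard whose procedures escape by raising an exception, which is what the manual excerpt above requires for a denial. The names `deny-all-guard` and `run-untrusted` are hypothetical, and the expressions are assumed to be entered at the REPL as in the transcript above.

```scheme
;; Added example (not from the thread). A guard procedure that merely
;; returns, whatever the value, defers to the parent guard; only an
;; escape (here: raising an exception via `error') blocks the primitive.

;; deny-all-guard : security-guard -> security-guard   (hypothetical name)
(define (deny-all-guard parent)
  (make-security-guard
   parent
   ;; file-proc receives: who (symbol), path (or #f), list of access modes
   (lambda (who path modes)
     (error who "file access denied: ~s ~s" path modes))
   ;; network-proc receives: who (symbol), host (or #f), port (or #f),
   ;; and 'client or 'server
   (lambda (who host port mode)
     (error who "network access denied: ~s:~s (~s)" host port mode))))

;; run-untrusted : s-expr -> any   (hypothetical name)
;; Evaluates expr with the deny-all guard installed for the dynamic
;; extent of the evaluation. Any exn:fail raised during evaluation,
;; including the guard's denial, is returned as (exn <message>)
;; instead of propagating to the caller.
(define (run-untrusted expr)
  (with-handlers ((exn:fail? (lambda (e) (list 'exn (exn-message e)))))
    (parameterize ((current-security-guard
                    (deny-all-guard (current-security-guard))))
      (eval expr))))

;; The read from the transcript above now fails inside the primitive
;; instead of returning the first line of the file:
(run-untrusted '(with-input-from-file "/etc/passwd" read-line))

;; Catching the exception inside the untrusted code does not grant
;; access: the guard escaped before the file was opened, so the
;; handler's value is all the expression can produce.
(run-untrusted
 '(with-handlers ((void (lambda (e) 'caught-but-no-file-contents)))
    (with-input-from-file "/etc/passwd" read-line)))
```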