[plt-scheme] (in)security in a top-level eval

From: support at taxupdate.com (support at taxupdate.com)
Date: Tue Feb 20 05:02:46 EST 2007

Previous message: [plt-scheme] Idiomatic way of calling an object's accessors given dynamic method name?
Next message: [plt-scheme] (in)security in a top-level eval
Messages sorted by: [date] [thread] [subject] [author]

I'm developing a program which includes eval's on user-generated code.  Before
getting too far down this road, I'd like to be clear on the security issues.

Currently, I enclose user code within a security guard that should prevent file
writes and network access.  But the code is eval'ed at the top level, so I'm
wondering what type of concerns this brings up.  Any guidance?

Wayne

Posted on the users mailing list.

Previous message: [plt-scheme] Idiomatic way of calling an object's accessors given dynamic method name?
Next message: [plt-scheme] (in)security in a top-level eval
Messages sorted by: [date] [thread] [subject] [author]