[plt-scheme] Introducing... Stuffers
On Feb 6, 2009, at 8:43 PM, Jay McCarthy wrote:
> If you just use serialize-stuffer, then the user can change anything
> they want. They can only get you to run code that you've already
> written, but they can change values in the environment.
I suspect "the environment" could well be a target, but I'm more
worried about "They can only get you to run code that you've already
written." What exactly does this mean; what are its limits? Would
it be possible to change the continuation so, say, it loads a user-
specified file on the server and evaluates a user-specified
expression using definitions from that file?
Stephen Bloch
sbloch at adelphi.edu