[plt-scheme] Re: Using planet packages with the Handin server?

From: John Clements (clements at brinckerhoff.org)
Date: Mon Sep 21 17:52:08 EDT 2009

On Apr 22, 2009, at 4:18 PM, Eli Barzilay wrote:

> On Apr 22, John Clements wrote:
>>
>> My interpretation of this is that the sandbox *is* allowing access
>> to the directory where the planet files live, but that trying to
>> load the planet code also requires access to a number of other
>> directories; that, to put it differently, the set of files loaded by
>> the require statement is not the same as the set of directories that
>> must be readable in order for planet to work correctly.
>>
>> Is this correct?
>
> That sounds right.  The thing is that the sandbox code does some
> guessing of the paths that are needed, but it's not dealing with
> planet paths.  Even if you allow reading all the paths that are
> needed, you still need to:
>
> * allow writing to several places for planet to save stuff,
>
> * arrange a code inspector that will allow it to compile files,
>
> * somehow make it so no sandbox steps over another sandbox's file, for
>  example, it's probably not a good idea to let several sandboxes
>  compile the same files,
>
> * allow a network connection.
>
> The alternative would be to make sure that the files are already in,
> that planet will not try to use the network or compile or write into
> any file.  This might be doable, but I don't know the details.
>
> Perhaps you can get this in an easier way by requiring the planet
> module from your own code, and use the namespace argument to share the
> planet module's instance with the sandbox?

Well, I'm coming back to this five months later, because PLAI is now a  
planet package, which means that my inability to refer to planet  
packages in the handin server now means that I can't make the handin  
server work with PLAI at all.

Specifically, I'm hoping that you or someone else with additional  
namespace-fu can help me with the necessary plumbing to implement your  
suggestion.  Alternatively, since (IIRC) you use PLAI yourself,
perhaps you've already extended the handin server to work with planet  
packages in a way that's not already obvious to me.

My attempts to "require the planet module from my own module and use  
the namespace argument to share the planet module's instance with the  
sandbox" thus far amount to something like this:

#lang scheme

(require scheme/sandbox)


(namespace-require '(planet plai/plai))
(namespace-attach-module (current-namespace)
                          '(planet plai/plai))


((make-evaluator '(planet plai/plai) '(+ 3 4)
                  #:allow-read '((planet plai/plai))) 13)


My hope was that this would add the planet module-path to the current  
namespace in such a way that the make-evaluator call would refer to  
the existing one, and avoid the permissions problems.

Unfortunately, the error is unchanged: I get

directory-list: `read' access denied for /Users/clements/Library/PLT Scheme/planet/300/4.2.1/cache/plai/plai.plt

Perhaps the solution is to somehow attach the planet module to the  
current namespace using a new identifier, and have the make-evaluator  
call refer to the new identifier.  However, I can't find a call in the  
namespace zone that would allow me to do this.

The final "throw up my hands" solution is to un-planet-ize plai, and  
turn it into a regular collection. This seems fragile, but maybe it's  
the best way to go?

Any help appreciated,

John


Posted on the users mailing list.