[plt-scheme] Musing on (rnrs (6)) sandboxing

From: Synx (plt at synx.us.to)
Date: Thu Feb 4 01:32:44 EST 2010

So R6RS has no accommodations for limits on memory, disk access, nested
evaluation, or network functionality. For example any evaluator that
allows the use of recursion in r6rs will thrash the computer it's on to
a halt the moment some user submits the code '(let loop () (+ 1 (loop)))

I was trying to think how to sandbox such things. The only thing I could
come up with is to have every datum produced by the user be wrapped in
some kind of "memory tracking" object that watches a pretend memory
limit and throws an error when that limit has been decremented to or
below zero. Would that mean taking every instance of "1" in the above
program and putting (watch-memory limiter integer-size 1) in its place?

Given that the R6RS doesn't specify any sort of memory management or
memory limiting, how would you implement such a thing, as an extension
to the R6RS? I know PLT can do it natively, but it's always been
attractive to me to write something that can run (if not perfectly) on
more than one implementation.


Posted on the users mailing list.
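As an added illustration of the wrapping idea in the post above (this is not Synx's code nor any R6RS implementation's): a limiter holds a pretend byte budget, watch-memory charges it for each datum and hands the datum back, and the runaway program ends in a caught error instead of a thrashing machine. All names here (make-limiter, charge!, watch-memory, integer-size, run-limited) and the cost of 8 bytes per integer are assumptions.

```scheme
;; Added example, not from the post: a portable R6RS sketch of the
;; "memory tracking" idea. All names and sizes are hypothetical.
(import (rnrs base (6))
        (rnrs control (6))
        (rnrs conditions (6))
        (rnrs exceptions (6))
        (rnrs io simple (6)))

;; Assumed cost of one fixnum, in pretend bytes.
(define integer-size 8)

;; A limiter is a one-slot vector holding the remaining pretend budget.
(define (make-limiter budget) (vector budget))
(define (limiter-remaining l) (vector-ref l 0))

;; Subtract COST from the budget; raise an error once it is at or below zero.
(define (charge! l cost)
  (let ((left (- (limiter-remaining l) cost)))
    (vector-set! l 0 left)
    (when (<= left 0)
      (raise (condition
              (make-error)
              (make-message-condition "pretend memory limit exceeded")
              (make-irritants-condition (list left)))))))

;; Charge for a datum of SIZE bytes, then return it unchanged, so that
;; (watch-memory l integer-size 1) can stand in for a literal 1.
(define (watch-memory l size datum)
  (charge! l size)
  datum)

;; Run THUNK with a fresh limiter; yield the symbol killed instead of
;; letting the computation run away once the budget is spent.
(define (run-limited budget thunk)
  (let ((l (make-limiter budget)))
    (guard (e ((error? e) 'killed))
      (thunk l))))

;; The runaway program from the post, with its literal 1 wrapped.
(define (runaway l)
  (let loop () (+ (watch-memory l integer-size 1) (loop))))

;; A program that stays within budget still returns its ordinary value.
(define (well-behaved l)
  (+ (watch-memory l integer-size 1) (watch-memory l integer-size 2)))

(display (run-limited 800 runaway))      (newline)
(display (run-limited 800 well-behaved)) (newline)
```

The caveat a practitioner would want: this only counts what the rewritten program explicitly charges for, so stack frames and values produced by library code go unmeasured, and the bound is only as tight as the rewrite is thorough.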