[plt-scheme] Musing on (rnrs (6)) sandboxing

From: YC (yinso.chen at gmail.com)
Date: Thu Feb 4 13:40:16 EST 2010

On Wed, Feb 3, 2010 at 10:32 PM, Synx <plt at synx.us.to> wrote:

> So R6RS has no accommodations for limits on memory, disk access, nested
> evaluation, or network functionality. For example any evaluator that
> allows the use of recursion in r6rs will thrash the computer it's on to
> a halt the moment some user submits the code '(let loop () (+ 1 (loop)))
> I was trying to think how to sandbox such things. The only thing I could
> come up with is to have every datum produced by the user be wrapped in
> some kind of "memory tracking" object that watches a pretend memory
> limit and throws an error when that limit has been decremented to or
> below zero. Would that mean taking every instance of "1" in the above
> program and putting (watch-memory limiter integer-size 1) in its place?
> Given that the R6RS doesn't specify any sort of memory management or
> memory limiting, how would you implement such a thing, as an extension
> to the R6RS? I know PLT can do it natively, but it's always been
> attractive to me to write something that can run (if not perfectly) on
> more than one implementation.

My guess is that you need to rely on the underlying platform to provide you
with the mechanism for direct memory access/management.

As such you can have a generic interface in R6RS, and then implementation-
specific code that runs on each specific Scheme implementation that does
offer such access.
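As an added illustration (not code from either poster) of the split suggested above and of what the quoted message means by "PLT can do it natively", here is the Racket-specific backend written with the racket/sandbox library; `run-untrusted` and `make-limited-evaluator` are hypothetical names for the generic interface and its Racket implementation.

```racket
#lang racket
(require racket/sandbox)

;; Racket-specific backend: build an evaluator whose CPU time, memory,
;; file and network access are enforced by the platform, not by wrapping
;; every datum. The default sandbox already denies network access and
;; writes to the file system.
(define (make-limited-evaluator #:seconds [secs 5] #:megabytes [mb 32])
  (parameterize ([sandbox-eval-limits (list secs mb)] ; per-evaluation limits
                 [sandbox-memory-limit mb]            ; limit for the whole sandbox
                 [sandbox-output 'string]
                 [sandbox-error-output 'string])
    (make-evaluator 'racket/base)))

;; Generic interface (hypothetical name): evaluate untrusted code and
;; return a tagged result instead of letting any exception escape.
(define (run-untrusted ev expr)
  (with-handlers ([exn:fail:resource?   ; time or memory limit exceeded
                   (lambda (e) (list 'resource-limit (exn-message e)))]
                  [exn:fail?            ; any other runtime error
                   (lambda (e) (list 'error (exn-message e)))])
    (list 'ok (ev expr))))

(define ev (make-limited-evaluator))
;; Ordinary code evaluates normally.
(run-untrusted ev '(+ 1 2))
;; A write to disk is refused by the sandbox's path permissions.
(run-untrusted ev '(with-output-to-file "x" (lambda () (display "hi"))))
;; The unbounded recursion from the quoted message is stopped by the
;; memory or time limit rather than thrashing the host.
(run-untrusted ev '(let loop () (+ 1 (loop))))
(kill-evaluator ev)
```

A non-Racket implementation would supply its own `make-limited-evaluator` using whatever resource controls that platform exposes, leaving `run-untrusted` unchanged.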


Posted on the users mailing list.