[racket] planet security

From: Nikita B. Zuev (nikitazu at gmail.com)
Date: Thu Jan 27 13:45:14 EST 2011

Previous message: [racket] question: how to profile allocation?
Next message: [racket] planet security
Messages sorted by: [date] [thread] [subject] [author]

If I understand correctly when we require a module from the planet, it
gets downloaded to racket home directory, compiled and required.
Racket's require is not just about getting definitions, it also
evaluates code inside required module.

So in theory a malicious person can make a planet package that provide
something useful and also behind the scenes evaluates something like:
(system "sudo rm -rf /")

I prefer to think that there are no such people using racket, but with
it's (racket's) growing popularity this can become the case. Recent
events with planet made me more cautious.

I wonder if there is a way to create something like `safe-require'
using racket sandboxes, that will allow to require modules in context
where they can not perform any `unsafe' IO, access network,
filesystem, shell etc?


-- 
Regards,
Nikita B. Zuev

Posted on the users mailing list.

Previous message: [racket] question: how to profile allocation?
Next message: [racket] planet security
Messages sorted by: [date] [thread] [subject] [author]