[racket] planet security
If I understand correctly when we require a module from the planet, it
gets downloaded to racket home directory, compiled and required.
Racket's require is not just about getting definitions, it also
evaluates code inside required module.
So in theory a malicious person can make a planet package that provide
something useful and also behind the scenes evaluates something like:
(system "sudo rm -rf /")
I prefer to think that there are no such people using racket, but with
it's (racket's) growing popularity this can become the case. Recent
events with planet made me more cautious.
I wonder if there is a way to create something like `safe-require'
using racket sandboxes, that will allow to require modules in context
where they can not perform any `unsafe' IO, access network,
filesystem, shell etc?
--
Regards,
Nikita B. Zuev