[racket] What are sandboxes used for?

From: Neil Van Dyke (neil at neilvandyke.org)
Date: Sun Feb 12 00:10:25 EST 2012

Harry Spier wrote at 02/11/2012 11:46 PM:
> Would it be possible for someone to briefly explain what sandboxes are
> used for.  The documentation Racket Reference 13.11 explains what they
> do, but could someone explain where you would use them.

Sandboxes are useful when evaluating untrusted or less-trusted code, for 
stability and security.

For one example, let's say that you are implementing an online 
multiplayer 3D fighting robot game that lets individual users design 
their own fighting robot's 3D model and program macros for complex robot 
kung-fu techniques (or dance-off moves).  If these macros are run as 
Racket VM code that on the server (in threads, for 'real-time' 
simulation), simply providing a Racket language that doesn't include 
procedures like "delete-file" is not enough.  Similarly, if these macros 
are run on players' individual machines, you might still wish to use 
sandboxes, if you expect players to share macros they develop (like open 
source software), and you want to prevent snot-nosed brat sociopaths 
(i.e., half the players of any Xbox FPS game) from tricking other 
players into running malicious macros.


Posted on the users mailing list.