[racket] Handin Server + PLAI problem

From: Eli Barzilay (eli at barzilay.org)
Date: Sat Jan 14 17:28:59 EST 2012

40 minutes ago, Robby Findler wrote:
> While we wait for Eli to either fix the bug or to track this down to
> some other part of the system,

It's not a handin server or a sandbox bug -- it's a problem of some
code that tries to get `exists' access to some directories, which is
usually harmless since the default security guard allows anything.  I
can allow these directories by default through the sandbox if someone
tells me which directories should be allowed.  (I also don't know what
code causes it.)


> applying this diff makes the problem go away for me.
> [remove contract]

This indicates that something in the contract wrapper does the
access.  My guess is that some path manipulation function is used
which checks the current directory.  If this is the case, and it's
always the current directory, then I think that the right solution is
to avoid it.  (I don't know if there are any security implications to
allow exists access to the current directory, so I prefer to not open
it up.)

-- 
          ((lambda (x) (x x)) (lambda (x) (x x)))          Eli Barzilay:
                    http://barzilay.org/                   Maze is Life!


Posted on the users mailing list.