This is the mail archive of the
guile@sourceware.cygnus.com
mailing list for the Guile project.
Safe Guile?
In order to discuss/argue about secure scheme, knotwell wrote a workaround
by using a smtplib:sendmail command. Does anybody know how I can get
access to this packages. I looked at schemers.org and at
http://www.cs.indiana.edu/scheme-repository/ but couldn`t find a such
packages.
And then the question about secure scheme seems to me not to be solved
by just overloading names. Anybody has a clue how to secure scheme?
>>>>> "knotwell" == knotwell <knotwell@f5.com> writes:
knotwell> You cauld also redefine the system calls to report
knotwell> attempts at unauthorized calls:
knotwell> (define open-input-file (filename) (begin
knotwell> (smtplib:sendmail "root@localhost" (string-append
knotwell> "syscall: open-input-file attempted by " (array-ref
knotwell> (getpwuid (getuid)) 0))) (error 'syscall-denied
knotwell> "open-input-file prohibited")))
knotwell> --Brad
knotwell> Warlander, Johan writes:
>> Hello,
>> server etc. What I would like to know is if there is any way to
>> 'secure' Guile so that you can run Scheme code that doesn't
>> have access to the system functions, but that can still use all
>> the other functionality. The preferrable solution would be if
>> each character script could run with its own 'environment', so
>> that a script can't mess up for the rest of the game, but even
>> if that isn't possible, just being able to 'turn off' the
>> system functions would be great.
>>
>> Any thoughts on the matter appreciated, Johan Wärlander