I thought about it a bit, and I think it's possible to exploit the dynamic namespace feature in order to solve this problem.
A word 'with-sandbox' takes a configuration and a quotation, and acts as a proxy for the code in the quot. For example, if the configuration has { path-limit { current-dir } } then it will route the code that tries to write through a word that will only write if it matches a certain condition: in our case, if the normalized path it writes to exists within current-dir.
The namespace was changed (overridden), but the quot doesn't know about it, and is completely oblivious :)

Sample:

    {
        path-limit { current-dir temp-dir }
        network-limit { { domain "factorcode.org" } { port "776" } }
        byte-limit { kb 8000 }
    }
    [ ..... some possibly malicious code ..... ] with-sandbox

What do you think? It looks quite elegant to me. Can this approach work?

Kobi

_______________________________________________
Factor-talk mailing list
Factor-talk@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/factor-talk
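
An added sketch of the path-limit check proposed above, in Python rather than Factor and not part of the original message: a context variable stands in for the dynamic namespace rebinding, and `with_sandbox`, `guarded_write` and `is_within` are hypothetical names. The test paths are constructed inside a temporary directory.

```python
import os
import tempfile
from contextlib import contextmanager
from contextvars import ContextVar

_roots = ContextVar("sandbox_roots", default=None)  # None: no sandbox active

class SandboxViolation(PermissionError):
    """Raised when a write falls outside every allowed root."""

@contextmanager
def with_sandbox(path_limit):
    """Bind the allowed roots for the enclosed code (hypothetical name)."""
    token = _roots.set(tuple(os.path.realpath(p) for p in path_limit))
    try:
        yield
    finally:
        _roots.reset(token)

def is_within(path, roots):
    """True if path, with '..' and symlinks resolved, lies under a root."""
    real = os.path.realpath(path)
    # commonpath compares whole components, so /x/work-evil is not under /x/work
    return any(os.path.commonpath([real, r]) == r for r in roots)

def guarded_write(path, data):
    """Proxy write that sandboxed code is routed through."""
    roots = _roots.get()
    if roots is not None and not is_within(path, roots):
        raise SandboxViolation(path)
    with open(path, "w") as fh:
        fh.write(data)

def demo():
    """Try four constructed paths under a sandbox; map name -> allowed?"""
    base = os.path.realpath(tempfile.mkdtemp())
    work, other = os.path.join(base, "work"), os.path.join(base, "work-evil")
    for d in (work, other):
        os.mkdir(d)
    os.symlink(other, os.path.join(work, "link"))  # symlink leading out of root
    attempts = {"inside": os.path.join(work, "a.txt"),
                "dotdot": os.path.join(work, "..", "work-evil", "b.txt"),
                "prefix": os.path.join(other, "c.txt"),
                "symlink": os.path.join(work, "link", "d.txt")}
    def attempt(path):
        try:
            guarded_write(path, "x")
        except SandboxViolation:
            return False
        return True
    with with_sandbox([work]):
        return {n: attempt(p) for n, p in attempts.items()}
```

The check only mediates code that actually goes through `guarded_write`; anything that reaches the filesystem by another route is not covered. Resolving the path and then opening it also leaves a window in which a symlink can be swapped between the two steps.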