> it would really be nice if someone would sit down and sort this all out
> in detail. There'd still be no guarantee that such a Haskell sandbox was
> totally safe, but at least all issues and solutions could be shared, making
> it as safe as the community knows how.

The #haskell people have been working on this for about 3 years now.
The result is the 'runplugs' program, which I've talked about in
previous mails.

    http://www.cse.unsw.edu.au/~dons/code/lambdabot/scripts/RunPlugs.hs

It uses hs-plugins for the evaluation, along with the points about IO
prevention via type checking, resource limits controlled by the OS, 
language extension preventions, and a trusted (audited) module base.

The security mechanisms were briefly described in the 2004 hs-plugins
paper, if I recall, but otherwise, I don't think we've documented the 
techniques. Maybe we should, as many issues have been encountered over
the years, further and further constraining the kinds of things that are
allowed.

-- Don
_______________________________________________
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
