Hi Jeff,
>
> What happens if someone does something like this in
> your secure-do, though?:
>
> secure-do [
> security: [file allow] get: func [/any][
> do %bad-stuff.r
> ]
> ] 'throw [] []
>
> -jeff
>
if I understood you correctly, you are asking what happens, if the
untrusted script were:
untrusted: [
security: [file allow]
get: func [/any][
do %bad-stuff.r
]
]
let's try it with a more comfortable/debugged secure-do (sent to
[EMAIL PROTECTED]):
>> result: secure-do untrusted 'throw
>> probe :get
native
>> secure throw
== [net allow file [allow read ask write ask execute]]
>> probe get in result 'result
func [/any][
do %bad-stuff.r
]
>> probe result/changed
[get security]
== [get security]
>>
That is all
Ladislav