[REBOL] No longer dangerous (use of) Secure Re:(2)

Wed, 14 Jun 2000 16:10:52 -0700 

Hi Rebols,

Jeff, thanks for your kind words.

I polished the script a bit: cleaned the code, removed some
unimportant things, fastened (about 5 times), improved protected
words handling (read: words protected using the Protect native).
It looks so good, I could not resist to put it here:

Rebol[
    Title: "SecureDo"
    Date: 14/6/2000
    File: %securedo.r
    Author: [
        "Ladislav Mecir"
        "Jeff Kreis"
    ]
    Email: [EMAIL PROTECTED]
    Purpose: {
        To securely do an untrusted script.
        Words are preserved.
        Secure is made unavailable to untrusted script.
        Returns an object containing the script result
        and the untrusted words/values.
    }
    Category: [Script Advanced]
]

; needs Map
include %highfun.r

protected?: func [
    {returns True if the word is protected}
    word [word!]
] [
    error? try [error? set/any word get/any word]
]

secure-do: func [
    {secure script execution}
    untrusted [block! file! string!] {untrusted script}
    /local result sec-do orig-word find-word
    sec-ctxt sec-words sec-values sec-protect sec-system live
] [
    ; tell GC about secure-do
    sec-do: :secure-do
    ; save secure context, words, values, protected-state
    sec-ctxt: make system/words []
    sec-words: bind first system/words 'system
    sec-values: copy/deep second system/words
    sec-protect: map :protected? sec-words
    sec-system: in sec-ctxt 'system
    live: 'system
    ; make Secure and Secure-do unavailable to Untrusted
    unset [secure secure-do]
    result: make object! [
        result: u-words: u-values: none
    ]
    do bind bind [
        ; do untrusted script
        error? set/any in result 'result try :untrusted
        ; save untrusted words/values for future use
        result/u-words: bind first system/words live
        result/u-values: copy/deep second system/words
        ; restore the secure words
        foreach word result/u-words [
            unprotect word
            set/any word ()
        ]
        repeat i length? sec-words

            orig-word: pick sec-words i
            error? set/any orig-word pick sec-values i
            if pick sec-protect i [protect orig-word]
        ]
    ] sec-system 'sec-system
    :result
]

{
    example:

    secure-do [1 / 1]
}


If you got here, I have got a problem for you: the present code is
still dangerous. Could you find why and suggest a solution?

    {8^D Ladislav

Reply via email to