2009/1/26 Nicholas Clark <[email protected]>:
> On Mon, Jan 26, 2009 at 09:15:38PM +1100, Adam Kennedy wrote:
>> Unfortunately, any configuration language would eventually trend
>> towards being Turing complete, and thus the final end-point for the
>> configuration language ends up with us just using Perl for the
>> mini-language :)
>
> I thought "yes, but Perl has side effects, which means security holes, whereas
> a mini language could be constrained that it has no side effects - it's given
> fixed input about the environment, and the only output is an end state
> data structure." The only risk from that is a denial of service from using
> too much CPU or RAM? Which means monitor both.
>
> But then I thought that it *still* isn't useful, as the very task that the
> configure system wants to do is inspect the installed system it's running on,
> which means that it will always end up wanting a bit more input state. And
> even providing read-only access to a file system isn't enough, as pretty soon
> someone wants to know "does this code compile against that library?" and so
> a sandboxed language doesn't fulfill the tasks required of it.
Yup, that's pretty much where you end up going whenever you run the thought experiment through to completion.

Adam K
