I should point out that having a builtin function that allows setting the security manager is itself a security problem.
Rick On Sat, Nov 15, 2025 at 7:55 AM Josep Maria Blasco < [email protected]> wrote: > > > Missatge de Jean Louis Faucher <[email protected]> del dia dv., 14 de > nov. 2025 a les 15:07: > >> >> It's possible to receive the REQUIRES message by setting a security >> manager on the interpreter instance. >> >> BUILTIN(SETSECURITYMANAGER) >> > > If this carries over to all calls and ::Requires, recursively, this would > be wonderful. > Having to reinstall the security manager after every call is a real > nuisance. > > >> I noticed that when used alone (i.e. no security manager on routine, the >> LOCAL and ENVIRONMENT checkpoints are missing. >> It's probably because there is no fallback to the default (i.e. >> interpreter's) security manager. >> Same remark for NativeCode. >> > > Maybe these fallbacks could be added? Then we would have a quite complete > implementation of sandboxes, with a single call to the new BIF. > > Josep Maria > _______________________________________________ > Oorexx-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/oorexx-devel >
_______________________________________________ Oorexx-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/oorexx-devel
