On Tue, Jan 28, 2003 at 11:41:14AM +0000, Thomas Whateley wrote: > I've been thinking about how to run un-trusted code, > without having to audit every line, or use some sort of sandbox, [snip] > block to audit and be certain of what a module/program could > do to my system.
As author of http://dev.perl.org/rfc/353.pod, I thought somewhat about these issues, and eventually hit a rather hard brick wall. What happens when you link in some module that's written natively? Basically, my conclusion was that this was, unfortunately, still necessary, but once you do it, then all bets about restriction and security are off. If you can get around the necessity of that (and only allow things which are parrot-native, then you can control it). > If people think something like this would be usefull, I'd be > more than happy to research this further and try to come up > with some code.... I suspect you'll end up hitting the same problems as I did, but if you want to do it in the situations where there is no linking allowed, then it's probably sane. MBM -- Matthew Byng-Maddick <[EMAIL PROTECTED]> http://colondot.net/
