Larry Wall wrote:In other words, the compiler must be sure to run immediate bits of code with the same restrictions as it would run the real code.Do bear in mind that Perl can execute bits of code as it's compiling, so if a bit of code is untrustworthy, you shouldn't be compiling it in the first place, unless you've prescanned it to reject C<use>, C<BEGIN>, and other macro definitions, or (more usefully) have hooks in the compiler to catch and validate those bits of code before running them.
This isn't a parrot issue per say; it's a compiler issue, and I don't see how it requires additional mechinisims for parrot, unless possibly it's running one pbc (the compiler itself) with one set of restrictions/quotas, and another bytecode segment (pbc generated during the compile) with another set.
I think we were planning on that anyway (to allow libraries to be more trusted then the code that calls them, and callbacks to be less trusted).
Yup. Subroutines and methods are privilege boundaries, and code with extra rights may call into less privileged code safely. We need to work out the mechanism though.
--
Dan
--------------------------------------"it's like this"------------------- Dan Sugalski even samurai [EMAIL PROTECTED] have teddy bears and even teddy bears get drunk