On Thu, May 03, 2001 at 03:53:53PM -0500, David L. Nicol wrote:
> the larger question remains, is sandboxing something a language
> should support at all, or is it best left to the OS to provide
> a solid chroot facility?
CPANTS will have to try and clunk a sandbox together and I have no
illusions about how difficult this will be. On a sane Unix, yes we
have chroot. But what about Windows? MacOS? VMS? EEEK!
Not withstanding getting into trying to limit things like sockets,
disk usage, etc... Sure, Unix has ulimits, ipchains, quotas,
etc... but what about the DumbOS's and the AncientOS's?
IMHO that should be the indicator of whether Perl needs to provide a
particular sandbox feature. If we leave it up to the OS, how many
OS's leave no way (or very difficult ways) to do it. And how
radically different are the ones which provide it?
--
Michael G. Schwern <[EMAIL PROTECTED]> http://www.pobox.com/~schwern/
Perl6 Quality Assurance <[EMAIL PROTECTED]> Kwalitee Is Job One
But unluckily most Germans here are too smart. They all speak good English and
won't be able to speak German to me.
--Alex Chiu, Immortality Guy
