On Sun, Apr 23, 2017 at 8:33 PM, p...@highoctane.be <p...@highoctane.be> wrote:
> But what makes Pharo nice is also that there are no such limitations.
>
> There are security things in Pharo, like disabling socket access etc.
> Maybe putting the VM in a true sandbox would be more adequate.
> That can be done in a lot of ways at the OS level. Think containers.
>
> Phil

But that doesn't help us take over the world with *everyone* working
within the Giant-Single-Galactic-Image. mhahHaHaHAhaaaaa....

cheers -ben

>
> On Sun, Apr 23, 2017 at 1:33 PM, Guillermo Polito
> <guillermopol...@gmail.com> wrote:
>>
>> Generally speaking, and from my understanding, you will not be able to do:
>>
>> SomeClass compile: 'initialize
>> MyEvilHack dostuff.
>> ^ super initialize '
>>
>> In newspeak.
>>
>> And that's because you are not able to do:
>>
>> SomeClass compile: '...'
>>
>> Newspeak uses object capabilities, and following those principles, you
>> will only be able to compile and install code in a class, if somebody gives
>> you a capability to do so.
>>
>> Then, the problem is that right now Pharo's reflective API is convoluted
>> with the base API, and thus from any piece of code you can do e.g.,:
>>
>> anyObject superclass superclass allSubclasses...
>>
>> A possible solution to this is to separate the reflective API from the
>> base API.
>>
>> On Sun, Apr 23, 2017 at 9:16 AM, Ben Coman <b...@openinworld.com> wrote:
>>>
>>> On Thu, Apr 13, 2017 at 3:54 PM, Denis Kudriashov <dionisi...@gmail.com>
>>> wrote:
>>> >
>>> > 2017-04-12 18:32 GMT+02:00 Ben Coman <b...@openinworld.com>:
>>> >>
>>> >> If you want hostile actors working directly within the Image with a
>>> >> full environment, then Pharo is probably not suitable. It's easy to
>>> >> get hold of global class from the Playground references and
>>> >> overwrite/compile any method in the system like this...
>>> >>
>>> >> SomeClass compile: 'initialize
>>> >> MyEvilHack dostuff.
>>> >> ^ super initialize '
>>> >>
>>> >> You might want to consider Newspeak, which runs on the same VM as
>>> >> Pharo and has a focus on security.
>>> >
>>> >
>>> > Interesting how they address your example?
>>>
>>> Not a direct response, but in Newspeak forum I see Gilad [1] respond
>>> to LaeMing...
>>> "Newspeak (note the capitalization) fits with your
>>> concerns around security and asynchrony, though the reality needs
>>> work. The main implementation runs on Smalltalk and as such is
>>> insecurable. There are less complete implementations based on
>>> compiling to Javascript and to the Truffle VM, and Ryan's Psoup VM,
>>> which is probably the most compliant version."
>>>
>>> [1]
>>> https://groups.google.com/forum/#!searchin/newspeaklanguage/laeming%7Csort:relevance/newspeaklanguage/0-20dj5m6wo/f5xpYnBFBgAJ
>>>
>>> cheers -ben
>>>
>>
>