So, once I hopefully have it working locally, how do I apply it into the net-repl server? I think the following is the correct definition to be tweaked (non-modified from net-repl). Do I add the sandbox-environment to evals or something?
(define net-repl-eval (let ([eval (current-eval)]) (lambda (exit) (lambda (expr) (if (equal? (if (syntax? expr) (syntax-object->datum expr) expr) '(#%top-interaction close)) (exit) (eval expr)))))) br, jukka > -----Original Message----- > From: sam...@gmail.com [mailto:sam...@gmail.com]On Behalf Of Sam > Tobin-Hochstadt > Sent: 27 June 2011 16:53 > To: Jukka Tuominen > Cc: users@racket-lang.org > Subject: Re: [racket] Limiting net-repl provided functions > > > On Mon, Jun 27, 2011 at 9:48 AM, Jukka Tuominen > <jukka.tuomi...@finndesign.fi> wrote: > > BTW, 'secure' in this context may mean allowing even critical > system calls > > (say format harddisk), if so specified. But the user should not > be able to > > do anything else than specified. > > The `sandbox' infrastructure is fairly flexible. Just by constructing > a namespace and doing the `eval' in that namespace, you'll be able to > restrict which identifiers the remote user can refer to. If those are > very limited, that might be enough for security. > > >> -----Original Message----- > >> From: sam...@gmail.com [mailto:sam...@gmail.com]On Behalf Of Sam > >> Tobin-Hochstadt > >> Sent: 27 June 2011 16:10 > >> To: Jukka Tuominen > >> Cc: users@racket-lang.org > >> Subject: Re: [racket] Limiting net-repl provided functions > >> > >> > >> On Mon, Jun 27, 2011 at 8:48 AM, Jukka Tuominen > >> <jukka.tuomi...@finndesign.fi> wrote: > >> > > >> > The basic client/server functionality is already working, but > >> it's too big a > >> > security risk outside LAN use. It seems to be easier to add > >> functionality > >> > than ripping them off. Perhaps creating a custom #%top definition to > >> > interfere with the default symbol lookup...? > >> > >> The right place to look is at sandboxes: > >> http://docs.racket-lang.org/reference/Sandboxed_Evaluation.html > >> and namespaces: > >> http://docs.racket-lang.org/guide/mk-namespace.html > >> > >> -- > >> sam th > >> sa...@ccs.neu.edu > > > > _________________________________________________ > > For list-related administrative tasks: > > http://lists.racket-lang.org/listinfo/users > > > > > > -- > sam th > sa...@ccs.neu.edu _________________________________________________ For list-related administrative tasks: http://lists.racket-lang.org/listinfo/users