I'll adjust the docs to clarify that every module that exists in some collection is automatically allowed. That fact turns out to be buried in the description of `sandbox-path-permissions`. The `#:allow-for-require` argument is intended for listing additional modules that are not in a collection (e.g., accessed by a relative path).
Note that having access to a module doesn't necessarily mean that the module really can be used. For example, you could change your example to require `ffi/unsafe`, but attempting to use an export of `ffi/unsafe` will trigger an access-to-protected-variable error. Having access to a module just means that the sandbox is allowed to use the installed module in the same way that it could use a copy of the module's code and bytecode.

At Sat, 12 Sep 2015 05:23:27 -0700 (PDT), Paolo Giarrusso wrote:
> Hi! I’m confused by the behavior of the Racket sandbox — it doesn’t seem to
> actually restrict module loading as its docs seem to promise.
>
> Alternatively, I'm misunderstanding the docs, and on my system (OS X)
> #:allow-for-require is unneeded altogether. But then, on what systems is it
> required?
>
> > In particular, filesystem access is restricted, which may interfere with
> using modules from the filesystem.
>
> I observed this on the handin server (by accident), and minimized the problem
> down to this, so that people not involved with the handin server might take a
> look.
>
> Here's the example (also posted as http://pasterack.org/pastes/81863).
>
> ; Tested with Racket 6.2.1, while investigating a problem with the handin
> server.
>
> #lang racket
> (require racket/sandbox)
> (define evaler (make-module-evaluator '(module foo racket (require
> htdp/image)
> 1) #:language 'racket #:allow-for-require '(2htdp/image)))
>
> (evaler '(begin (require htdp/image) (require net/http-client) (circle 20
> "solid" "red")))
>
>
> Note I'm using `(require htdp/image)`, which I'd expect to be forbidden — in
> both the code passed to make-module-evaluator, and in the code passed to the
> resulting evaluator.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Racket Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/d/optout.
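The distinction drawn in the reply above (a module being loadable versus its exports being usable), as an added example that is not part of the original thread. It assumes default sandbox parameters; the helper `try` is hypothetical, and `racket/list` stands in for any module installed in a collection.

```racket
#lang racket
;; Added example, not code from the thread.
;; Assumption: default sandbox settings, no #:allow-for-require given.
(require racket/sandbox)

;; Hypothetical helper: evaluate expr in the sandbox and return 'ok,
;; or the error message if the sandbox refuses or the code fails.
(define (try ev expr)
  (with-handlers ([exn:fail? (lambda (e) (exn-message e))])
    (ev expr)
    'ok))

(define ev (make-evaluator 'racket/base))

(define probes
  (list
   ;; A module that lives in a collection can be required without
   ;; being listed in #:allow-for-require.
   '(require racket/list)
   ;; Its exports are ordinary bindings and can be used.
   '(first '(1 2 3))
   ;; ffi/unsafe is also in a collection, so the require is allowed too.
   '(require ffi/unsafe)
   ;; Using one of its exports is a different matter: per the reply
   ;; above, this is refused as access to a protected variable.
   '(malloc 8)))

;; Print each probe with its outcome so the load/use split is visible.
(for ([expr (in-list probes)])
  (printf "~s => ~a\n" expr (try ev expr)))
```

When auditing a sandbox configuration, the last probe is the one to check: the isolation of unsafe functionality rests on protected exports, not on which modules can be required.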

