On Saturday, September 12, 2015 at 8:59:45 PM UTC+2, Matthew Flatt wrote:
> I'll adjust the docs to clarify that every module that exists in some
> collection is automatically allowed. That fact turns out to be buried
> in the description of `sandbox-path-permissions`. The
> `#:allow-for-require` argument is intended for listing additional
> modules that are not in a collection (e.g., accessed by a relative
> path).
>
> Note that having access to a module doesn't necessarily mean that the
> module really can be used. For example, you could change your example
> to require `ffi/unsafe`, but attempting to use an export of
> `ffi/unsafe` will trigger an access-to-protected-variable error. Having
> access to a module just means that the sandbox is allowed to use the
> installed module in the same way that it could use a copy of the
> module's code and bytecode.

Makes sense. Thanks for the prompt answer!

> At Sat, 12 Sep 2015 05:23:27 -0700 (PDT), Paolo Giarrusso wrote:
> > Hi! I’m confused by the behavior of the Racket sandbox — it doesn’t seem
> > to actually restrict module loading as its docs seem to promise.
> >
> > Alternatively, I'm misunderstanding the docs, and on my system (OS X)
> > #:allow-for-require is unneeded altogether. But then, on what systems is
> > it required?
> >
> > > In particular, filesystem access is restricted, which may interfere with
> > > using modules from the filesystem.
> >
> > I observed this on the handin server (by accident), and minimized the
> > problem down to this, so that people not involved with the handin server
> > might take a look.
> >
> > Here's the example (also posted as http://pasterack.org/pastes/81863).
> >
> > ; Tested with Racket 6.2.1, while investigating a problem with the handin server.
> >
> > #lang racket
> > (require racket/sandbox)
> > (define evaler
> >   (make-module-evaluator '(module foo racket (require htdp/image) 1)
> >                          #:language 'racket
> >                          #:allow-for-require '(2htdp/image)))
> >
> > (evaler '(begin (require htdp/image) (require net/http-client)
> >                 (circle 20 "solid" "red")))
> >
> > Note I'm using `(require htdp/image)`, which I'd expect to be forbidden —
> > in both the code passed to make-module-evaluator, and in the code passed
> > to the resulting evaluator.
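The following is an added example, not code from the thread. It probes a sandbox for the two behaviours Matthew Flatt describes: a collection module loads without being listed in `#:allow-for-require`, and `ffi/unsafe` can be required but its exports cannot be used. The `probe` helper, the use of `make-evaluator` with `racket/base`, and the choice of `malloc` as the `ffi/unsafe` export are assumptions of this example.

```racket
#lang racket
;; Added illustration; not part of the original thread.
(require racket/sandbox)

;; A sandbox created with no #:allow-for-require list at all.
(define evaler (make-evaluator 'racket/base))

;; probe : string s-expression -> void
;; Evaluates expr inside the sandbox and reports whether it completed or
;; raised, so a handin-server style deployment can be checked for what its
;; sandbox really lets submitted code reach.
(define (probe label expr)
  (define outcome
    (with-handlers ([exn:fail? (lambda (e) (cons 'rejected (exn-message e)))])
      (evaler expr)
      (cons 'completed "")))
  (printf "~a: ~a ~a\n" label (car outcome) (cdr outcome)))

;; Case 1: a module from an installed collection that was never listed.
;; The reply in the thread says such modules are automatically allowed.
(probe "require net/http-client" '(require net/http-client))

;; Case 2: requiring ffi/unsafe itself. The reply says access to the module
;; is granted in the same way.
(probe "require ffi/unsafe" '(require ffi/unsafe))

;; Case 3: using an export of ffi/unsafe. The reply says this is where the
;; access-to-protected-variable error is raised.
(probe "use malloc from ffi/unsafe" '(malloc 8))

;; Release the sandbox's resources.
(kill-evaluator evaler)
```

The point to take from the three probes is that `#:allow-for-require` is not the control that keeps submitted code away from unsafe functionality; per the reply, that protection applies when a protected export is used.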

