> On Nov 5, 2018, at 20:01, Ryan Culpepper <ry...@ccs.neu.edu> wrote:
>
> You could use a chaperone to prohibit `struct-info`
Good point! I had forgotten that `struct-info` is a chaperoneable operation.
This isn’t ideal, though, since I don’t think `struct-info` is ever actually
supposed to raise an error, it’s just supposed to return #f, instead. It’s
possible to call `struct-info` on absolutely anything, even things like
numbers, and get a result:
> (struct-info 3)
#f
#t
If I understand correctly, this is because all values in Racket are “morally
structures”, and reflective operations on values that are not actually
implemented with structures should behave identically to reflective operations
on values for which you do not have a sufficiently powerful inspector to
inspect.
Unfortunately, it isn’t possible to regain this behavior with
`impersonate-struct`, since `impersonate-struct` does not allow you to
impersonate `struct-info`.
> On Nov 6, 2018, at 02:47, Philip McGrath <phi...@philipmcgrath.com> wrote:
>
> A variant on Alexis' example lets you circumvent Typed Racket's protections:
>
> [snip]
>
> Maybe this is well-known to everyone who's thought about it before, but I
> hadn't. Though I guess, while I don't think about inspectors very often, I
> think of them as a way for one module to put others under its control, in
> which case maybe the module with the more powerful inspector should be able
> to break subordinate modules' invariants.
I’m not sure, either. Personally, I feel like it should be possible to have
invariants that truly cannot be broken, but maybe there are use cases I don’t
understand. Anyway, in the case of Typed Racket, this is clearly a soundness
hole, but a fixable one — either Typed Racket or the contract system is not
applying `chaperone-struct-type` where it ought to be. I’ll file a bug.
Alexis
--
You received this message because you are subscribed to the Google Groups
"Racket Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to racket-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
