Re: Restrict access to "critical" functions

2011-12-20 Thread Kagamin
> Honestly, I don't think what you're looking for is possible in *any*
> statically compiled systems language.


NaCl does feature some code verification.


Re: Restrict access to "critical" functions

2011-12-18 Thread Manfred_Nowak
Bystroushaak wrote:

> Useful google dork: sandbox.

nice: safeD -> sandbox -> VirtualBox

Make a virtual machine an integral part of the compiler :-)

-manfred


Re: Restrict access to "critical" functions

2011-12-18 Thread Bystroushaak
Yep. Useful google dork: sandbox.

On 14.12.2011 19:55, mta`chrono wrote:
> Maybe you should use a VM to run your restricted applications. Or have a
> look a chroot, dchroot or schroot, to setup such stuff. The Programming
> Language will not help you in this case!


Re: Restrict access to "critical" functions

2011-12-15 Thread Timon Gehr

On 12/15/2011 06:04 PM, Jonathan M Davis wrote:
> On Thursday, December 15, 2011 13:57:21 deadalnix wrote:
>> Even Haskell has non-pure functions (IO monad for example).
>
> Actually, Haskell is a 100% purely functional language.

Not entirely. For example:
http://users.skynet.be/jyp/html/base/System-IO-Unsafe.html

> Monads are completely
> pure. They're _how_ Haskell manages to be pure with I/O, when every functional
> language before them had had to be impure with regards to I/O.
>
> - Jonathan M Davis




Re: Restrict access to "critical" functions

2011-12-15 Thread Jonathan M Davis
On Thursday, December 15, 2011 13:57:21 deadalnix wrote:
> Even Haskell has non-pure functions (IO monad for example).

Actually, Haskell is a 100% purely functional language. Monads are completely 
pure. They're _how_ Haskell manages to be pure with I/O, when every functional 
language before them had had to be impure with regards to I/O.

- Jonathan M Davis


Re: Restrict access to "critical" functions

2011-12-15 Thread deadalnix

On 14/12/2011 13:48, Timon Gehr wrote:
> On 12/14/2011 01:28 PM, Kagamin wrote:
>>> Goal would be to have a possibility to compile and let run code from
>>> random people (some of them perhaps evil minded), watch over the
>>> processes and kill them, if they take too long or use up too much
>>> memory.
>>
>> I believe this is what SafeD is for.
>
> SafeD eliminates the possibility of memory corruption, it does not
> prevent the program from messing with the system.

Nothing does, except things that don't have side effects.

So basically, the OP only wants pure functions. They exist in D, but I
highly doubt you can produce anything useful using only pure functions.

Even Haskell has non-pure functions (IO monad for example).


Re: Restrict access to "critical" functions

2011-12-14 Thread mta`chrono
Maybe you should use a VM to run your restricted applications. Or have a
look at chroot, dchroot or schroot to set up such stuff. The programming
language will not help you in this case!


Re: Restrict access to "critical" functions

2011-12-14 Thread Adam D. Ruppe
On Monday, 12 December 2011 at 18:48:17 UTC, Christian Köstlin wrote:
> Goal would be to have a possibility to compile and let run code
> from random people (some of them perhaps evil minded), watch
> over the processes and kill them, if they take too long or use
> up too much memory.

This is something you should set up in the operating system. The
programming language can't do much to help here.

On the operating system, create a new limited user account for
the random people code. Limited user accounts can't format hard
drives.

Then, make sure your other files have the proper permissions so
the new user can't read/modify them. (This should mostly be done
already on any OS installation.)

You might add a disk quota to prevent them from using too much
disk space, or not give them any write access at all.

Finally, set CPU and memory limits on the user processes. In
Linux, see "man setrlimit" for some info.
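The last step of the advice above, a CPU and memory budget enforced by the OS rather than the compiler, can be exercised from the supervising side. The C program below is an added example, not code from this thread or from any D project: it forks a child, applies RLIMIT_CPU and RLIMIT_AS with setrlimit in the child, runs a workload there, and reports whether the child exited normally or was killed. The three workloads, the struct and function names, and the numeric limits (1 CPU second, 256 MiB of address space) are all constructed for the demonstration, and the behaviour assumed is Linux's: SIGXCPU at the soft CPU limit, and mmap failing once the address-space limit is reached.

```c
#define _DEFAULT_SOURCE 1
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Resource budget for an untrusted child: a CPU-time ceiling and an
 * address-space ceiling. The numbers used below are illustrative. */
struct sandbox_limits {
    rlim_t cpu_seconds;   /* RLIMIT_CPU soft limit; SIGXCPU when exceeded */
    rlim_t memory_bytes;  /* RLIMIT_AS; mmap/brk fail once exceeded */
};

/* Install the limits in the calling process (meant for the child between
 * fork and exec). The hard CPU limit sits one second above the soft one so
 * the kernel delivers SIGXCPU first and SIGKILL only if that is ignored. */
static int apply_limits(const struct sandbox_limits *lim)
{
    struct rlimit cpu = { lim->cpu_seconds, lim->cpu_seconds + 1 };
    struct rlimit mem = { lim->memory_bytes, lim->memory_bytes };
    if (setrlimit(RLIMIT_CPU, &cpu) != 0) return -1;
    if (setrlimit(RLIMIT_AS, &mem) != 0) return -1;
    signal(SIGXCPU, SIG_DFL);  /* an inherited "ignore" must not defeat the limit */
    return 0;
}

enum outcome { OUT_EXITED, OUT_KILLED_CPU, OUT_KILLED_OTHER, OUT_ERROR };

struct run_result {
    enum outcome outcome;
    int exit_code;  /* valid when outcome == OUT_EXITED */
    int sig;        /* valid when the child was killed by a signal */
};

/* Fork, apply the limits in the child, run `workload` there, and report how
 * the child ended. `workload` stands in for exec of the untrusted program;
 * a real supervisor would also switch to the limited user account here. */
static struct run_result run_limited(const struct sandbox_limits *lim,
                                     int (*workload)(void))
{
    struct run_result r = { OUT_ERROR, -1, 0 };
    int status;
    pid_t pid = fork();
    if (pid < 0) return r;
    if (pid == 0) {
        if (apply_limits(lim) != 0) _exit(125);
        _exit(workload());
    }
    if (waitpid(pid, &status, 0) < 0) return r;
    if (WIFEXITED(status)) {
        r.outcome = OUT_EXITED;
        r.exit_code = WEXITSTATUS(status);
    } else if (WIFSIGNALED(status)) {
        r.sig = WTERMSIG(status);
        r.outcome = (r.sig == SIGXCPU) ? OUT_KILLED_CPU : OUT_KILLED_OTHER;
    }
    return r;
}

/* Constructed workload: never finishes ("takes too long"). */
static int spin_forever(void)
{
    volatile unsigned long n = 0;
    for (;;) n++;
    return 0;
}

/* Constructed workload: asks for 2 GiB ("uses up too much memory").
 * Under RLIMIT_AS the mmap behind malloc fails and malloc returns NULL. */
static int hog_memory(void)
{
    char *p = malloc((size_t)2 << 30);
    if (p == NULL) return 42;  /* limit enforced */
    p[0] = 1;
    free(p);
    return 0;                  /* limit not enforced */
}

/* Constructed workload: behaves and exits with a recognisable code. */
static int well_behaved(void) { return 7; }

/* Run a workload under the demo budget: 1 CPU second, 256 MiB address space. */
static struct run_result demo(int (*workload)(void))
{
    const struct sandbox_limits lim = { 1, (rlim_t)256 << 20 };
    return run_limited(&lim, workload);
}

int main(void)
{
    struct run_result a = demo(well_behaved), b = demo(hog_memory), c = demo(spin_forever);
    printf("well_behaved: outcome=%d exit=%d\n", a.outcome, a.exit_code);
    printf("hog_memory:   outcome=%d exit=%d\n", b.outcome, b.exit_code);
    printf("spin_forever: outcome=%d signal=%d\n", c.outcome, c.sig);
    return 0;
}
```

The limits are inherited across exec, so the same apply_limits call works when the child execs the untrusted binary instead of calling a function; it is the kernel, not the language the program was written in, that kills the spinning child and refuses the oversized allocation. The account and file-permission steps from the post are not shown here and still have to be done in the OS.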


Re: Restrict access to "critical" functions

2011-12-14 Thread Andrew Wiley
2011/12/12 Christian Köstlin :
> Hi,
>
> I want to restrict the access of a piece of d2-code to just some
> functions I declare allowed. E.g. I would like to forbid all access
> to io and prevent the program from formatting my hd. Or even better I would
> like to tell D2 which functions of the std-libraries are allowed; all other
> functions should not be callable.
>
> Goal would be to have a possibility to compile and let run code from random
> people (some of them perhaps evil minded), watch over the processes and kill
> them, if they take too long or use up too much memory.
>
> Thanks in advance
>
> Christian Köstlin

Honestly, I don't think what you're looking for is possible in *any*
statically compiled systems language. The kind of thing you're looking
for is pretty much limited to VM languages that can enforce security
restrictions at runtime.
In particular, having direct access to assembly code and the stub C
libraries for syscalls means that even if the compiler denied the user
access to a certain library, the user could write the code needed to
invoke a syscall to load that library into memory and make calls into
it, and they could bypass all safety checks if they were determined
enough.


Re: Restrict access to "critical" functions

2011-12-14 Thread bearophile
Kagamin:

> I believe this is what SafeD is for.

Nope. SafeD is just for "memory safety".

Bye,
bearophile


Re: Restrict access to "critical" functions

2011-12-14 Thread Timon Gehr

On 12/14/2011 01:28 PM, Kagamin wrote:
>> Goal would be to have a possibility to compile and let run code from
>> random people (some of them perhaps evil minded), watch over the
>> processes and kill them, if they take too long or use up too much memory.
>
> I believe this is what SafeD is for.

SafeD eliminates the possibility of memory corruption, it does not
prevent the program from messing with the system.


Re: Restrict access to "critical" functions

2011-12-14 Thread Kagamin
You can also try to run arbitrary D code at codepad.org, see 
http://codepad.org/f4b7wPhn for example.


Re: Restrict access to "critical" functions

2011-12-14 Thread Kagamin
> Goal would be to have a possibility to compile and let run code
> from random people (some of them perhaps evil minded), watch
> over the processes and kill them, if they take too long or use
> up too much memory.

I believe this is what SafeD is for.


Restrict access to "critical" functions

2011-12-12 Thread Christian Köstlin

Hi,

I want to restrict the access of a piece of d2-code to just some
functions I declare allowed. E.g. I would like to forbid all access
to io and prevent the program from formatting my hd. Or even better I would
like to tell D2 which functions of the std-libraries are allowed; all
other functions should not be callable.


Goal would be to have a possibility to compile and let run code from 
random people (some of them perhaps evil minded), watch over the 
processes and kill them, if they take too long or use up too much memory.


Thanks in advance

Christian Köstlin