Antimony looks really cool!
I agree that Guile doesn't provide a silver bullet here. Again, I think
it can be done... though I think it'll require a lot of yak hair
traversal to get to that point :)
Good luck, have fun, and happy hacking!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Nov 22, 2015 at 11:06:05AM +0100, Arne Babenhauserheide wrote:
> Am Samstag, 21. November 2015, 13:35:12 schrieb Matthew Keeter:
> > If I were to replace Python with Guile, is there a way to sandbox it so
> > that arbitrary (perhaps
> > malici
Le 2015-11-21 22:39, Pascal J. Bourguignon a écrit :
Matthew Keeter writes:
I’m currently embedding Python in a C / C++ application that evaluates
user-provided scripts.
Obviously, this is terribly unsafe: user-provided scripts can execute
arbitrary malicious actions,
and there’s no good w
Context: Antimony is a tool for computer-aided design that makes heavy use of
user-defined scripts (http://www.mattkeeter.com/projects/antimony).
I’m considering other languages, either for Antimony or future projects.
Python is great, but I’m running into two main issues:
It’s hard to distribute
I've also been thinking about this issue with an embedded language I am
developing in Guile. How about the good old metacircular evaluator:
https://mitpress.mit.edu/sicp/full-text/sicp/book/node76.html
BTW, Matt, are you porting "Antimony" to Guile? :)
--Bert
On Sun, Nov 22, 2015 at 3:51 PM,
Matthew Keeter writes:
> I’m currently embedding Python in a C / C++ application that evaluates
> user-provided scripts.
>
> Obviously, this is terribly unsafe: user-provided scripts can execute
> arbitrary malicious actions, and there’s no good way to sandbox Python
> in a desktop context.
>
> If
Am Samstag, 21. November 2015, 13:35:12 schrieb Matthew Keeter:
> If I were to replace Python with Guile, is there a way to sandbox it so that
> arbitrary (perhaps
> malicious) user-provided scripts can be run safely?
The languages which try to do that are Java and Javascript, and they
have sever
On Sat, Nov 21, 2015 at 1:35 PM, Matthew Keeter wrote:
> I’m currently embedding Python in a C / C++ application that evaluates
> user-provided scripts.
>
> Obviously, this is terribly unsafe: user-provided scripts can execute
> arbitrary malicious actions,
> and there’s no good way to sandbox P
Matthew Keeter writes:
> I’m currently embedding Python in a C / C++ application that evaluates
> user-provided scripts.
>
> Obviously, this is terribly unsafe: user-provided scripts can execute
> arbitrary malicious actions,
> and there’s no good way to sandbox Python in a desktop context.
>
>
I’m currently embedding Python in a C / C++ application that evaluates
user-provided scripts.
Obviously, this is terribly unsafe: user-provided scripts can execute arbitrary
malicious actions,
and there’s no good way to sandbox Python in a desktop context.
If I were to replace Python with Guile
10 matches
Mail list logo