[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-users] Packaging libraries securely
From: |
felix winkelmann |
Subject: |
Re: [Chicken-users] Packaging libraries securely |
Date: |
Wed, 8 Aug 2007 14:46:55 +0200 |
On 8/8/07, Tony Sidaway <address@hidden> wrote:
>
> And so on.
>
> It seems to me that I need to do this otherwise just about everything
> in the namespace will be available at runtime, co-optable for bad
> stuff.
>
> Or am I just being a silly sausage? Is there a better way of doing this?
The sandbox egg will be the only thing that gives a bit of security, but
it provides only a very basic Scheme dialect and is pretty slow.
The only (somewhat brute-forcish) solution that comes to mind is
to compile to a static executable and hack somethhing together with
rlimit and chroot(1).
cheers,
felix