Re: RFC: (ice-9 sandbox)

guile-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC: (ice-9 sandbox)

From:	Mike Gran
Subject:	Re: RFC: (ice-9 sandbox)
Date:	Fri, 31 Mar 2017 14:41:14 +0000 (UTC)



?> On Friday, March 31, 2017 2:28 AM, Andy Wingo <address@hidden> wrote:


> Any thoughts?  I would like something like this for a web service that

> has to evaluate untrusted code.
Neat!  Here are some random, tangential ideas.
While this might be a good route toward a pragmatic definition of
"safe," a route to a stronger version of safety might be trying
to compile a Guile against the CloudABI C library -- which prevents
OS interaction altogether --  and then use something like inetd to
to communicate with your safe guile.
As a middle ground, there are the --disable-posix,
--disable-networking, and --disable-regex options, to consider.
-Mike Gran

[Prev in Thread]

Current Thread

[Next in Thread]

RFC: (ice-9 sandbox), Andy Wingo, 2017/03/31
- Re: RFC: (ice-9 sandbox), Ludovic Courtès, 2017/03/31
  - Re: RFC: (ice-9 sandbox), Andy Wingo, 2017/03/31
    - Re: RFC: (ice-9 sandbox), Ludovic Courtès, 2017/03/31
- Re: RFC: (ice-9 sandbox), Mike Gran <=

Prev by Date: Re: RFC: (ice-9 sandbox)
Next by Date: "guix potluck", a moveable feast
Previous by thread: Re: RFC: (ice-9 sandbox)
Next by thread: "guix potluck", a moveable feast
Index(es):
- Date
- Thread