Re: Embedding Guile with sandboxing


From: Amirouche Boubekki
Subject: Re: Embedding Guile with sandboxing
Date: Tue, 24 Nov 2015 17:35:18 +0100
User-agent: Roundcube Webmail/1.1.2

On 2015-11-21 22:39, Pascal J. Bourguignon wrote:
> Matthew Keeter <address@hidden> writes:
>
>> I’m currently embedding Python in a C / C++ application that evaluates user-provided scripts.
>>
>> Obviously, this is terribly unsafe: user-provided scripts can execute arbitrary malicious actions,
>> and there’s no good way to sandbox Python in a desktop context.
>>
>> If I were to replace Python with Guile, is there a way to sandbox it so that arbitrary (perhaps
>> malicious) user-provided scripts can be run safely?
>
> So you need to implement a language that won't provide any unwanted
> OS/platform API and that won't provide any way to generate code accessing
> any unwanted feature, and that still allows users to write useful
> programs, while making no mistake; and since it will run on an unsafe
> platform, how will you ensure that a program written in your language
> will never be able to have any nefarious side effects?

If you want to go that route, I recommend you have a look at GNU epsilon [1][2],
which is basically a framework for building languages. It's still alpha.

HTH

[1] https://www.gnu.org/software/epsilon/
[2] http://lists.gnu.org/archive/html/epsilon-devel/


