guile-user

Re: Embedding Guile with sandboxing


From: Arne Babenhauserheide
Subject: Re: Embedding Guile with sandboxing
Date: Sun, 22 Nov 2015 11:06:05 +0100
User-agent: KMail/4.14.8 (Linux/3.14.14-gentoo; KDE/4.14.8; x86_64; ; )

On Saturday, 21 November 2015, 13:35:12, Matthew Keeter wrote:
> If I were to replace Python with Guile, is there a way to sandbox it so that
> arbitrary (perhaps malicious) user-provided scripts can be run safely?

The languages which try to do that are Java and JavaScript, and they
have several bugs connected to this every year (i.e. allowing
execution of code with elevated privileges).

To make this safe, you could follow the route described by Pascal:
Define a restricted sub-language which is not Turing-complete. You can
do that with a medium amount of hassle with Guile (my personal
estimate). This will not give users a full programming language —
which is exactly why it can be made safe.

Best wishes,
Arne
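
A sketch of the restricted sub-language route suggested above, as an added example that is not part of the original message or of Guile itself: user text is parsed as data and walked by a whitelist evaluator, never passed to `eval`. The names `safe-eval`, `run-user-script` and `*ops*`, the tiny grammar and the limits are assumptions, and it assumes Guile's stock `read` with no reader extensions installed.

```scheme
;; Added example; safe-eval, run-user-script, *ops* and the limits are
;; hypothetical names and constructed values, not from the thread.
(use-modules (ice-9 match))

;; The only procedures a script can reach. Multiplication is left out
;; so that values cannot grow faster than the node budget allows.
(define *ops* `((+ . ,+) (- . ,-) (min . ,min) (max . ,max)))
(define *max-chars* 4096)
(define *max-nodes* 1000)

;; Walk EXPR as data. The grammar has no lambda, define, or loop form,
;; so every accepted script terminates; unknown forms are rejected.
(define (safe-eval expr)
  (define budget *max-nodes*)
  (let loop ((expr expr) (env '()))
    (set! budget (- budget 1))
    (when (negative? budget) (error "script too large"))
    (match expr
      ((? exact-integer? n) n)
      ((? symbol? s)
       (let ((b (assq s env)))
         (if b (cdr b) (error "unbound variable" s))))
      (('let ((? symbol? name) val) body)
       (loop body (acons name (loop val env) env)))
      (('if ('< a b) yes no)
       (if (< (loop a env) (loop b env)) (loop yes env) (loop no env)))
      (((? symbol? op) args ...)
       (let ((p (assq op *ops*)))
         (if p
             (apply (cdr p) (map (lambda (a) (loop a env)) args))
             (error "operator not allowed" op))))
      (_ (error "form not allowed")))))

;; Parse untrusted text with `read` (never `eval`) and return either an
;; integer or (rejected <key>).
(define (run-user-script text)
  (catch #t
    (lambda ()
      (when (> (string-length text) *max-chars*) (error "input too long"))
      (safe-eval (call-with-input-string text read)))
    (lambda (key . args) (list 'rejected key))))

;; Constructed sample inputs: one valid script, two rejected forms.
(display (run-user-script "(let (w 3) (if (< w 5) (+ w 10) 0))")) (newline)
(display (run-user-script "(system \"ls\")")) (newline)
(display (run-user-script "(lambda (x) x)")) (newline)
```

Operators are looked up only in `*ops*`, so a script that binds a variable named `+` cannot replace the primitive.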
