[prev in list] [next in list] [prev in thread] [next in thread]
List: mason-devel
Subject: Re: [Mason-devel] using Safe
From: Dave Rolsky <autarch () urth ! org>
Date: 2000-10-25 14:23:46
[Download RAW message or body]
On Wed, 25 Oct 2000, Paul Mallach wrote:
> c) Try to execute the code for the component in a Safe-compartnent, that
> restricts anything that might change runtime behaviour (eval, do "file", ...)
> d) If successfull, mark component as checked and directly execute the code
> next time.
> I'm not sure that c) is really possible, ie. making sure that for the real
> execution no other code is compiled than for my test-execution.
It should be possible. We do check the timestamp of the file on disk.
For extra security you could always load the file and get an MD5 hash of
it. This would be a performance hit, though.
> No, there is no full security and I am aware of that. But some security is
> better than none at all. That would be like: "I'm using ftp, ftp-passwords
> can be snooped, so I always use a blank password"
Hehe, I wasn't suggesting it was worthless. I was questioning whether it
would solve your problem.
I'm sure it would be possible to wrap component calls in Safe
compartments. I'm not sure that I'm motivated enough to explore this at
the moment. Patches are welcome!
Seriously, we can add this to the to do list but I don't know when it'll
get looked at. It seems from reading the Embperl docs on Safe that its
not too complicated. I'll try to poke around the Embperl code some time
to see.
-dave
/*==================
www.urth.org
We await the New Sun
==================*/
_______________________________________________
Mason-devel mailing list
Mason-devel@lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/mason-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic