Although I've not yet learned Lisp and SBCL well, I'm curious about whether
preparing an eval sandbox so that it would be restricted in it's bindings,
file system access, memory usage, network access, and CPU time, something
like this
--------------------------------------------------------------------------- ---
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
On 3 May 2012 05:48, Grant Rettke <gret...@acm.org> wrote:
> Although I've not yet learned Lisp and SBCL well, I'm curious about whether
> preparing an eval sandbox so that it would be restricted in it's bindings,
> file system access, memory usage, network access, and CPU time, something
> like this
/Possible/, yes. Straightforward, actually, mostly yes. Easy to get right? No.
Racket's language abstraction is pretty cool, and we don't have
anything like that. So you'd be rolling up some infrastructure to
start with.
Cheers,
-- nikodemus
--------------------------------------------------------------------------- ---
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________
Sbcl-help mailing list
Sbcl-h...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sbcl-help
nikode...@random-state.net> wrote:
> On 3 May 2012 05:48, Grant Rettke <gret...@acm.org> wrote:
> > Although I've not yet learned Lisp and SBCL well, I'm curious about
> whether
> > preparing an eval sandbox so that it would be restricted in it's
> bindings,
> > file system access, memory usage, network access, and CPU time, something
> > like this
--------------------------------------------------------------------------- ---
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> Although I've not yet learned Lisp and SBCL well, I'm curious about whether > preparing an eval sandbox so that it would be restricted in it's bindings, > file system access, memory usage, network access, and CPU time, something > like this > > http://docs.racket-lang.org/reference/Sandboxed_Evaluation.html > > would be possible?
/Possible/, yes. Straightforward, actually, mostly yes. Easy to get right? No.
Racket's language abstraction is pretty cool, and we don't have anything like that. So you'd be rolling up some infrastructure to start with.
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
--------------------------------------------------------------------------- ---
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
* Anton Vodonosov [2012-05-04 01:30:46 +0400] wrote:
> Check this https://github.com/tlikonen/cl-eval-bot. This project
> receives lisp code from external source and executes it in a sandbox.
> Will not give you control over memory usage and CPU time I think, but
> will allow to control what API's (file system functions, network
> functions) are available to the lisp code.
Yes. Especially files sandbox-impl.lisp and sandbox-cl.lisp.
(I'm doing a database which looks like a simple virtual filesystem. Its
basic framework is ready but have been too busy with my dayjob to finish
it yet.)
--------------------------------------------------------------------------- ---
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________
Sbcl-help mailing list
Sbcl-h...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sbcl-help
On Thu, May 3, 2012 at 10:11 PM, Teemu Likonen <tliko...@iki.fi> wrote:
> * Anton Vodonosov [2012-05-04 01:30:46 +0400] wrote:
> > Check this https://github.com/tlikonen/cl-eval-bot. This project
> > receives lisp code from external source and executes it in a sandbox.
> > Will not give you control over memory usage and CPU time I think, but
> > will allow to control what API's (file system functions, network
> > functions) are available to the lisp code.
> Yes. Especially files sandbox-impl.lisp and sandbox-cl.lisp.
> (I'm doing a database which looks like a simple virtual filesystem. Its
> basic framework is ready but have been too busy with my dayjob to finish
> it yet.)
--------------------------------------------------------------------------- ---
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
