Sandbox + 2htdp/image

[Stephen Foster]

The following returns #f and #t.  How can I get it to return #t and #t?

Context: I want to allow students to run Racket code on my server. But when I sandbox their code, I am getting back something that doesn't behave like a 2htdp/image object.  I'm not exactly sure what it is. 

#lang racket

(require racket/sandbox 2htdp/image)

(sandbox-path-permissions

  (list

    '(exists

       "/usr/lib/ssl/cert.pem")

    '(exists

       "/usr/lib/ssl/certs")))

(define user-code '(circle 40 'solid 'red))

(define circle1

  ((make-evaluator 'racket

                   `(define f

                      (let ()

                        ,user-code))

                   #:requires

                   '(2htdp/image))

   'f))

(define circle2

  (circle 40 'solid 'red))

(image? circle1) ;#f but I want it to be #t

(image? circle2) ;#t


If it helps, when I print out the above values with ~a, I get:

"#(struct:object:image% ... #(struct:translate 40 40 #(struct:ellipse 80 80 0 255 red)) #(struct:bb 80 80 80) #f #f #f #f #t)"

"#(struct:object:image% ...)"

[Robby Findler]

It might be easiest to just use the `image?` predicate from inside the sandbox. Get it out the same way you got the image itself out.

Robby

--
You received this message because you are subscribed to the Google Groups "Racket Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to racket-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/racket-users/ebf8bf84-23d6-45f3-9b1d-6bb6bf592b8e%40googlegroups.com.

[Stephen Foster]

I was using the image? predicate as an arbitrary example of something you might want to do with an image after extracting it from the sandbox.  What if I wanted to pass the result along to beside or overlay?  

In all cases, these functions don't recognize the result as an image:

beside: expects an image as first argument, given (object:image% #f #f #f #f 1 0 (object:image-snipclass% #f "((lib \"image-core.ss\" \"mrlib\") (lib \"image-core-wxme.rkt\" \"mrlib\"))" 1) #0=(object:style% (object:color% 0 0 0 1.0 #f) (object:color% 255 255 255 1.0 #f) (object:font% #f 'aligned '#(12...

--

Stephen Foster

ThoughtSTEM Co-Founder

318-792-2035

[Robby Findler]

Just in case, the general phenomenon happening here is that you've got two instantiations of the image library (I believe that mrlib/image-core is the essential one that's getting duplicated in this case) so there are two different sets of structs for the representation of images and the one doesn't recognize the other.

There are two basic approaches, I guess: you could run everything image-related inside the sandbox (including, I suppose, turning it into a bitmap or svg or something) and then getting it out of the sandbox, or you could share the implementation of the image library between the inside and outside of the sandbox. The former approach is more secure but maybe less convenient; the latter is the other way around.

If you wanted to share the implementation you'd have to set up the sandbox not with a fresh namespace, but with a namespace that already has the same instantiation of mrlib/image-core as the one you want to use outside the sandbox.

Robby

To view this discussion on the web visit https://groups.google.com/d/msgid/racket-users/CA%2BzSu29untSJzX0yuyzbOuCiz_xewsgkXBkYHZVnLeHBkwT1mg%40mail.gmail.com.

[Stephen Foster]

Ooooh, okay.  That explanation helps a lot.  Both of these paths seem workable.  I'll see what I can do.

Thanks, Robby!