--
To post to this group haxe...@googlegroups.com
http://groups.google.com/group/haxelang?hl=en
---
You received this message because you are subscribed to the Google Groups "Haxe" group.
For more options, visit https://groups.google.com/d/optout.
I had done a little research this past weekend myself. A security friend recommended seccomp, though it seems incredibly complex, and it's default mode is to kill the process as soon as it makes any system call outside a few basic ones. It would be very hard to setup, but likely the right thing to do.
Alternately, lxc containers looked promising, they have a hardened unprivileged container so you can guarantee attackers can't get real root access on the host machine.
Even with any level of security, I still might kill a couple APIs -- macro learning shouldn't depend on creating native processes or using using sockets.
Justo, is the code in a public place, or do you want to work on this privately for a bit? (I don't really have time to do much, bit I'd be interested in how it works / watch the progress.)
--
Justo
That's really great I tried the twitter link you posted, then I
felt a bit naughty... am I really allowed to do this!
haxelib upgrade
I've added a bunch of non-tested libraries:
actuate, format, hscript, nape, minject, msignal, polygonal-ds, hxparse, hxtemplo, promhx, dots, slambda, thx.core, thx.color, thx.promise, thx.stream, thx.culture, thx.stream.dom, thx.benchmark, thx.csv, thx.text, tink_core, tink_macro, tink_priority, tink_lang, tink_xml, tink_template, tink_concurrent, tink_streams, tink_io, tink_runloop, tink_tcp, tink_http, tink_url, tink_parse, tink_json, tink_clone, tink_await, tink_web, futurize
--