Sandboxes

42 nospam at nospam.com
Sat Aug 20 20:49:50 CEST 2005


In article <3mog8aF17j66oU1 at uni-berlin.de>, deets at nospam.web.de says...
> > Would this sufficient? Are there any drawbacks or giant gaping holes? 
> > I'm anticipating that I'd also need to block 'exec' and 'eval' to 
> > prevent an import from being obfuscated past the pre-parse.
> > 
> > Or is this a hopeless cause? 
> 
> Yes. There have been numerous discussions about this, and there are so 
> many different ways to overcome such imposed limitations - it won't work.
> 
> > 
> > Finally, either way, would anyone recommend a different script engine 
> > that might be more suitable for what I'm trying to accomplish that I 
> > might not have looked at. I don't need much; it needs to work with C#, 
> > and be able to easily interact with 'published' interface. I'd also like 
> > to leverage a "popular" language instead of something obscure.
> 
> Maybe LUA? I only heard that it's well suited for such tasks.
> 
> The overall question for me is: Why crippled acess at all? What do you 
> fear your users could do that harms you or others? There are of coures 
> valid reasons, I don't question that generally. E.g. applets and the 
> like. So what is the actual usecase?

Basically I just want a language to allow users to write macros, 
interact with application objects, set property values, sequence 
operations, supporting loops and branch logic and so forth.

Something along the lines of a drawing program that allowed uers to 
write and/or download scripts to perform batches of arbitrary  
(parameterized) operations.

e.g.scripts along the lines of:

function drawfan(x,y,r)
i=45
while (i<90)
	if i.isEven() 
		color=red;
	else
		color=blue;
	PublishedInterface.Drawline(x,y, x+r*sin(i), y+r*cos(i),color)
	i++
end while

I want the 'worst case' a malicious script to be able to accompish to be 
a program crash or hang.

regards,





More information about the Python-list mailing list