[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Sandboxing (was: Safety of elisp-flymake-byte-compile)

From: Stefan Monnier
Subject: Sandboxing (was: Safety of elisp-flymake-byte-compile)
Date: Tue, 11 Dec 2018 14:30:43 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

>> Providing ways to run Elisp in a confined environment would be useful in
>> various circumstances, but it's non-trivial.
> I can understand that, but I'm not proposing a fully hermetic sandbox
> just something that ameliorates the problem.

I think a first step might be to add a new boolean var
`disallow-unsafe-effects` and then go through the C code to check this
var whenever we do something "dangerous" (e.g. change a global var,
launch a process, ...).

I suspect that a boolean will be too coarse in the long run (we'll
probably want to split this into different domains, maybe with some kind
of capabilities, or maybe monitor the effect, or god knows what), but we
need to start somewhere and this will at least let us annotate the code
that is sensitive so it's easier afterwards to refine it.  It will also
let us see whether this affects performance-significant code.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]