guile-devel

Re: Psyntax security hole prevents secure sandboxing in Guile


From: Ludovic Courtès
Subject: Re: Psyntax security hole prevents secure sandboxing in Guile
Date: Mon, 07 May 2012 18:31:55 +0200
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.93 (gnu/linux)

Hi Mark!

Mark H Weaver <address@hidden> writes:

> Every once in a while someone asks about secure sandboxing with Guile,
> and generally the response is that it should be fairly easy, by creating
> a module with carefully selected bindings, but there's nothing ready
> "out of the box".
>
> I just realized that psyntax has a security hole that prevents secure
> sandboxing, and wanted to post this fact before it was forgotten.

There are many other holes, such as the fact that ‘@@’ is compiled to
the ‘toplevel-ref’ instruction, which can search inside modules.

> The problem is that psyntax accepts syntax-objects in the input, and
> syntax-objects are simply vectors (or sexps containing vectors).

I agree it would be nice to fix eventually, using structs, but it takes
more than this to allow for “secure sandboxing”.

Thanks,
Ludo’.



