[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Psyntax security hole prevents secure sandboxing in Guile

From: Ludovic Courtès
Subject: Re: Psyntax security hole prevents secure sandboxing in Guile
Date: Mon, 07 May 2012 18:31:55 +0200
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.93 (gnu/linux)

Hi Mark!

Mark H Weaver <address@hidden> skribis:

> Every once in a while someone asks about secure sandboxing with Guile,
> and generally the response is that it should be fairly easy, by creating
> a module with carefully selected bindings, but there's nothing ready
> "out of the box".
> I just realized that psyntax has a security hole that prevents secure
> sandboxing, and wanted to post this fact before it was forgotten.

There are many other holes, such as the fact that ‘@@’ is compiled to
the ‘toplevel-ref’ instruction, which can search inside modules.

> The problem is that psyntax accepts syntax-objects in the input, and
> syntax-objects are simply vectors (or sexps containing vectors).

I agree it would be nice to fix eventually, using structs, but it takes
more than this to allow for “secure sandboxing”.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]