[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Psyntax security hole prevents secure sandboxing in Guile

From: Andreas Rottmann
Subject: Re: Psyntax security hole prevents secure sandboxing in Guile
Date: Mon, 07 May 2012 22:10:51 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.1.50 (gnu/linux)

Noah Lavine <address@hidden> writes:

>> Can you think of anything else that would need to be fixed, besides this
>> problem with forgeable syntax-objects?
> It depends how much of a sandbox you're thinking of, but I'd like to
> make sure that the untrusted code didn't go into an infinite loop,
> which means either putting it in a separate process or having a timer
> that would stop it after a deadline. Also you'd have to make sure that
> you didn't run any procedure returned by the untrusted code, for the
> same reason.
> Also, what if the untrusted code allocated a lot of memory? I suppose
> you could depend on that all being garbage-collected after it
> finished, but you'd have to be prepared to handle out-of-memory errors
> while it was running.
> It might be easiest to just put it in a separate process, although
> that would make communication harder.
Racket has a facility that achieves sandboxing (with the above property
of CPU and RAM usage bounds), i believe:

Regards, Rotty
Andreas Rottmann -- <>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]