Re: Lisp security
- From: Pascal Costanza <pc@xxxxxxxxx>
- Date: Mon, 31 Oct 2005 14:30:24 +0100
John Thingstad wrote:
Obviously Lisp is not prone to buffer overfow controls. (unless optimations turn bounds checking off)
But there is the question of Java.final.
Apperaently there is no equivalence in Lisp.
Simularly there is the possibility to change inheritance after runtime.
Also decaring code after runtime.
Obviously if you get trough the outer defenses Lisp is chanseless.
Any chance of anyone (Allegro) deveoping a 'sandbox' for lisp?
This will probably take a lot of work because there are a lot of potential security holes. (Think about (setf symbol-function).)
Dylan has a notion of sealed generic functions and sealed classes which could be useful here. However, an all-or-nothing approach is also not quite right. You probably want a more fine-grained approach which allows you to give different parts of a program different "rights" or capabilities.
We are actually thinking about using something like ContextL to grant rights for some code in a certain context (and disallow changing the rights for that context at the same time). However, this is no more than a vague idea by now, there is probably a lot of work to be done to make this work.
Pascal
-- My website: http://p-cos.net Closer to MOP & ContextL: http://common-lisp.net/project/closer/ .
- Follow-Ups:
- Re: Lisp security
- From: John Thingstad
- Re: Lisp security
- References:
- Lisp security
- From: John Thingstad
- Lisp security
- Prev by Date: Re: diff. betw. equal and eq on simbols
- Next by Date: Re: Lisp security
- Previous by thread: Lisp security
- Next by thread: Re: Lisp security
- Index(es):
Relevant Pages
|
