Re: Lisp security

On Mon, 31 Oct 2005 15:41:54 +0100, Cameron MacKinnon <cmackin+nn@xxxxxxxxxxxxx> wrote:

John Thingstad wrote:
Obviously Lisp is not prone to buffer overfow controls. (unless optimations turn bounds checking off)
But there is the question of Java.final.
Apperaently there is no equivalence in Lisp.
Simularly there is the possibility to change inheritance after runtime.
Also decaring code after runtime.
Obviously if you get trough the outer defenses Lisp is chanseless.
Any chance of anyone (Allegro) deveoping a 'sandbox' for lisp?

What is your threat model? Do you allow users to add Lisp code to your system, and want them limited to a safe subset? Or are you worried about what is ostensibly user provided data breaching the code/data boundary (a la buffer overflow)? 

I forgot the power of read-line.
A macro got through before I could verify the line.
Be warned!

--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
.

Relevant Pages

  • Places=lvalues and Pop11 (was months ago: Requesting advice how to clean up C code for vali
    ... there are equivalence classes of values modulo ... In fact the optimizing compiler could eliminate the ... character, or EBCDIC character, or IBM-PC character, or Latin-1 ... and I'm pleased you've essentially adopted the lisp ...
    (comp.lang.c)
  • Re: Teaching new tricks to an old dog (C++ -->Ada)
    ... idea of what something like Common Lisp is, can provide, and can do. ... Lisp is not really a functional language, though it can be used as ... Turing equivalence is totally irrelevant. ... > the only tool a programmer really has. ...
    (comp.lang.ada)
  • Re: Teaching new tricks to an old dog (C++ -->Ada)
    ... idea of what something like Common Lisp is, can provide, and can do. ... Lisp is not really a functional language, though it can be used as ... Turing equivalence is totally irrelevant. ... > the only tool a programmer really has. ...
    (comp.lang.cpp)
  • Re: Equality of foreign objects
    ... Lisp that can be extended for user-defined types, ... Other languages that pretend to provide such generic ... equal iff they are of the same size and their elements are pairwise ... Then there is the notion of structural equivalence which you may not cover by your definition. ...
    (comp.lang.lisp)
  • Re: Lisp security
    ... Apperaently there is no equivalence in Lisp. ... Obviously if you get trough the outer defenses Lisp is chanseless. ... and want them limited to a safe subset? ... Or are you worried about what is ostensibly user provided data breaching the code/data boundary? ...
    (comp.lang.lisp)