Re: Restricting execution of the tcl script to a folder or below
- From: skuhagen@xxxxxx
- Date: Fri, 31 Aug 2007 00:33:51 -0700
Hello
Now I can see a lot of resources to setup the communication. What I do
not know is how can I prevent accidental or rogue script from causing
damage to the files outside of the folder from which it is supposed to
execute. Is this even possible?
Yes, you should read about "Safe Base" here: http://www.tcl.tk/man/tcl8.4/TclCmd/safe.htm
It allows you to create a safe interpreter as an environment for
exactly this purpose. With "-accessPath directoryList" you can
restrict from where [source] and [load] can use files. Also the safe
interpreter created with "Safe Base" can be configured to see only Tcl
commands, that you allow it to see. If you don't want any file-access,
you simply remove all [file], [open] and others from the interpreter
before executing the script. You can even replace [ope]/[read]/[write]
with your own guarded implementations, so that the executed script can
use those commands, but only in a way you allow it.
I think, this should perfectly match your needs.
HTH
Stephan
.
- Follow-Ups:
- References:
- Restricting execution of the tcl script to a folder or below
- From: fpgabuilder
- Restricting execution of the tcl script to a folder or below
- Prev by Date: Restricting execution of the tcl script to a folder or below
- Next by Date: PSPAD + ramdebugger
- Previous by thread: Restricting execution of the tcl script to a folder or below
- Next by thread: Re: Restricting execution of the tcl script to a folder or below
- Index(es):
Relevant Pages
|
