Re: Restricting execution of the tcl script to a folder or below

On Aug 31, 8:02 am, ican...@xxxxxxxxx wrote:
On Aug 31, 3:33 am, skuha...@xxxxxx wrote:



Hello

Now I can see a lot of resources to setup the communication. What I do
not know is how can I prevent accidental or rogue script from causing
damage to the files outside of the folder from which it is supposed to
execute. Is this even possible?

Yes, you should read about "Safe Base" here:http://www.tcl.tk/man/tcl8.4/TclCmd/safe.htm
It allows you to create a safe interpreter as an environment for
exactly this purpose. With "-accessPath directoryList" you can
restrict from where [source] and [load] can use files. Also the safe
interpreter created with "Safe Base" can be configured to see only Tcl
commands, that you allow it to see. If you don't want any file-access,
you simply remove all [file], [open] and others from the interpreter
before executing the script. You can even replace [ope]/[read]/[write]
with your own guarded implementations, so that the executed script can
use those commands, but only in a way you allow it.

I think, this should perfectly match your needs.

HTH
Stephan

Armed with the safe interpreter you might want to look at the sample
tclet code associated with the SIMPL project to facilitate the
"sending the result back" portion of your problem.

https://sourceforge.net/projects/simplhttp://users.netrover.com/~ican/simpl

In particular you might want to look at the browserless applet example
in my recent SIMPL presentation to a local LUG in town.

http://www.icanprogram.com/hosug

If you need further help with this stuff, contact me offline and I'll
be glad to share my expertise.

bob

Stephan, Bob,
Thank you for the pointers. Yes! Looks like the safe base will do
everything that I want. Awesome!

.

Relevant Pages

  • Re: Restricting execution of the tcl script to a folder or below
    ... not know is how can I prevent accidental or rogue script from causing ... It allows you to create a safe interpreter as an environment for ... interpreter created with "Safe Base" can be configured to see only Tcl ... use those commands, but only in a way you allow it. ...
    (comp.lang.tcl)
  • Re: Restricting execution of the tcl script to a folder or below
    ... not know is how can I prevent accidental or rogue script from causing ... interpreter created with "Safe Base" can be configured to see only Tcl ... Armed with the safe interpreter you might want to look at the sample ... tclet code associated with the SIMPL project to facilitate the ...
    (comp.lang.tcl)