[REBOL] Re: SDK licensing issues
From: SunandaDH:aol at: 2-Feb-2006 4:41
Ladislav:
> an interesting discussion
Thanks. It is.
I once toyed with the idea of allowing Library members to upload arbitrary
code that REBOL.org would execute on their behalf.
The theory being that it would allow the ultimate level in customization of
the services the Library provides -- instead of being limited to the preference
checkboxes on configuration panels, your arbitrary code could filter or
enhance the stuff the CGI scripts produce.
The idea got put aside for two reasons. One was the licensing -- which
appears now to be a resolved issue.
The other was (as Carl exactly puts it in the dialog you've pointed us to)
Ah... That's really dangerous.
We would need to ensure that any arbitrary code had no access to all sorts of
things that a stand-alone REBOL script can do. One worse-case scenario is
that a spammer writes a script that sends a bazillion emails and we run it for
them.
Running arbitrary code safely requires more than a sandbox: more of a
blast-proof bunker.
Some parts of such a bunker can be constructed by unsetting or modifying
mezzanines (disabling send is an easy one).
But other parts are not so easy -- how to stop a script overwriting part of
the system object, or running for more than 1 second, or writing more files
than we have a quota for?
That level of security needs some support at the built-in / native level.
Sunanda