[REBOL] Re: SDK licensing issues
From: SunandaDH:aol at: 5-Feb-2006 5:08
> That would stop any mail sending.
That solves one problem, but requires third-party software to keep REBOL safe.
And, as Gregg says:
> The allure of configurable apps, with REBOL as a macro language, is
> powerful; but danger doesn't lurk there, it's in plain sight.
How could we safely run *any* REBOL script as a macro language without it
I don't think there is a simply answer to that, and any answer will need RT's
involvement. But here is one possibility
RT create (yet another) REBOL executable called (say) REBOL/Macro.
That contains generally thought of as "safe" code -- say the ability to do
arithmetic, create series, and so on.
But it does not contain native code to do anything "unsafe" -- like send or
read or write and much else.
Instead, those functions are passed back to the invoking program for checking
From the viewpoint of the calling program, it might look something like this:
untrusted-code: read %untrusted-code.r
[send: true ;; allows send without any checking
read: func   ;; function to handle read on behalf of
0:0:02 ;; time quota 2 seconds
Any unsafe function not set to true or given a handler will not be permitted
do-unsafe loads the REBOL-macro interpreter, so the untrusted code has no
access to any mezzanines or the system object of the caller.
The untrusted code is halted (or there may be a call back for confirmation)
after 2 seconds elapse time.
REBOL as its own macro language is a flexible and powerful opportunity to do
some real X-internet applications.....It just needs to be made safe, as Gregg