Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search

[REBOL] Re: Network Guru...

From: brett:codeconscious at: 18-Dec-2001 15:10

Hi Louis,
> I took your advice---read the articles and installed zonealert. Nothing > seems to be trying to access the internet from my computer, so I suppose > that is good news. > However, zonealert shows that rebol is constantly > running, even when my scripts are not running.
Your script example earlier showed this: forever [ do %sendfiles.r ; rebol script to do. wait 00:50:00 ; wait hours:minutes:seconds. ] ZoneAlarm probably *would* indicate Rebol was running but not producing network activity during the 50 minute period for this bit of code. If you were sure that this code or any other Rebol script were not running and yet ZoneAlarm shows Rebol running - then not so good. But I really doubt this. Recheck you setup. Perhaps you are automatically running Rebol on boot up of your machine.
> Since I must manually relax > security (both read and write) for my script to run, and the security
> to stay relaxed after my script runs, I am still concerned.
Security is relaxed for the lifetime of the Rebol interpreter instance you started - unless you set it back. You wording makes me think that you believe %sendfiles.r is the script that you are apply the security setting to. This is not the case. You are applying the security setting to the Rebol interpreter instance that is evaluating the script that has the "forever" loop in it, or whatever calls it.
> Is there some > way the script itself can set security---open the door, do its work, then > shut and lock the door?
I'm not sure you need that because I'm presuming you know exactly what your scripts are doing, probably because you wrote them yourself and so you trust them. If you run your trusted scripts in a relaxed security setting and are confident that those trusted scripts have no possibility of calling or evaluation untrusted scripts or code then I don't think you have a problem. Just let them do their work. If you are using someone else's scripts and you are not confident it is trus tworthy in regards to security, then consider asking about the suspect code on the Rebol mailing list. Security in relation to Rebol hasn't been discussed too much yet. I suggest you read the security section of the Core manual and create some dummy test scripts to see what happens in various situations. Brett