Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

[REBOL] Re: SDK licensing issues

From: volker:nitsch:gm:ail at: 3-Feb-2006 20:33

On 2/3/06, Gregg Irwin <greggirwin-mindspring.com> wrote:
> GS>> Why would a *normal* synapse chat user need a REBOL interpreter? > > VN> Or later to do a quick complex search without need for a fully fledged > VN> dialect first (you know, every sufficiently complex program implements > VN> a lisp-interpreter, sadly even rebol-coders have to do that ;) > > This is one of those wonderful, tricky areas that we don't know much > about yet (IMO); how do we write applications that can safely use > REBOL as their macro language. > > We can be safe by writing a dialect, but that's a lot of work if we > want a powerful macro language, and you may still open up security > holes (probably will as a matter of fact). > > You can't be safe running raw REBOL; even a macro the user writes is > unsafe because it can unintentionally cause harm. Of course, if the > macro code has access to application code, all bets are off about > whether the app will even run. > > The allure of configurable apps, with REBOL as a macro language, is > powerful; but danger doesn't lurk there, it's in plain sight. >
MS uses VB for user-scripting all the time. With regard to internet dangerous, yes. But for a big part because VB cant lock system-access, while 'secure can. With rebol a macro can only harm the application, in VB take over the system. Thats different. Althought 'secure could use improvements, specially restricting network better (to certain hosts/ports only, currently it can play proxy to the internal network). And needs better explanation.
> -- Gregg > > -- > To unsubscribe from the list, just send an email to > lists at rebol.com with unsubscribe as the subject. >
-- -Volker Any problem in computer science can be solved with another layer of indirection. But that usually will create another problem. David Wheeler