Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search

[REBOL] Re: load and mold/all security issue

From: rotenca:telvia:it at: 25-Sep-2003 15:17

Hi Volker, i'm not sure you are right, wgen you say:
> someone sends you data. you load it. you expect something like > o: context [ a: 1 b: 2] > you code "do-something-with o/a" > somebody sends you > o: context[ a: 1 b: func[][ take-over-system ] ]
Doing a loaded program cannot be sure. The same can happen with
> somebody sends you
o: [ take-over-system] if you do it in a way or in another: do o context o do does o What you say would be true only if no word would be binded to the global context, but this happens only with functions and object. I understand that a word cannot be serialized in every situaltion, but i think that it should be or binded to a serialized upper level context o to the global context. Until yesterday i thought that mold/all was a more general version of mold, but now i am convinced hat it is a different tool, which can be used only to serialize a speficic kind of Rebol data (no words). I also ask why to serialize a function which cannot be used like a function. If only security is the target, mold/all should not serialize any function at all. I also ask why words in blocks are binded and not word in objects or functions. --- Ciao Romano