Mailing list home
  Find posts   Help

Latest messageRecent messages

In this thread:
 First
 Prev
 Next
 See whole thread
By msg id:
 Prev: 21 Aug 2000 17:22
 Next: 21 Aug 2000 19:53

Other threads:
 Prev: error when processing multiple web pages!!
 Next: interesting article - Why compilers are do

Same author:
 Prev: 21 Aug 2000 11:46
 Next: 21 Aug 2000 13:04

 Random message

Indexes:
 By topic
 By date
 By author
 By subject
Join the Mailing List....
AccessibilityAbout / FAQ
Member's loungeContact/FeedbackOther REBOL links
Membership:
member name

password

Remember?

Not a member? Please join
24-Apr 4:00 UTC
[0.05] 9.922k
Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

[REBOL] A small security hole REBOL, and a huge one! Re:(5)

From: brian:hawley:bigfoot at: 21-Aug-2000 12:32


Jeff ([jeff--rebol--net]) wrote:

>Launch, at least in its present form, will not likely be in
>the regular distribution.  It went out in the windows view
>version by accident.


Good to hear. What do you think about my suggestion for the
changes to the function interface? I think it would help...

I sent that message to Feedback as well but I got no reply.
Did it go through?


>The security risks of modifiable REBOL code will be best
>dealt with by modules.  Untrusted REBOL code can evaluate in
>a module prevented from affecting the surrounding execution
>environment.


I'd be curious to see how that is done. The current module
spec doesn't prohibit the kind of change to the code of the
mezzanine functions that I outlined, nor the hacks involving
changes to the specs that Ladislav mentioned.

The problem with the current module spec is that once you
make a function visible inside a module so that it can be
used there, that function can be modified. The problem is
not with the security of modules, but that of functions.

I suppose that it would be too expensive to copy/deep the
code blocks and specs when second and third are applied to
functions. Perhaps a way of marking those values as read-
only once they have been used in a function, maybe with a
copy-on-write strategy? That would at least protect the
inner workings of functions. Protect the specs too so that
Ladislav's hack won't work either.

Don't misunderstand, I'm as much a fan of self-modifying
code as the next mad scientist - it's just that I'm willing
to give up modifiable functions for security reasons. We
should be able to get by with replaceable functions, since
we can easily track assignment if we want to. If we still
need self-modifying code we can still do blocks.


>Besides, only good hackers use REBOL!  ;-)  Why would
>someone be so evil as to make good little REBOL do
>something bad?! (-;


A jealous Perl enthusiast, perhaps? :-)

Brian Hawley

1 · 2 · 3 · 4 · 5 · [6] · 7 · See whole thread