Anyone ever done this?
[1/5] from: edanaii::cox::net at: 10-Aug-2002 7:01
All, I've written an email program that connects to a mailbox and then processes the mail based on a defined set of rules. It matches the Subject line of the email, then performs a specified action based on that match. Next, I created a "Rule" whose specified action was to execute the text body of the email. Then I sent it an email with an embedded REBOL program. It executed it without problems. Pretty damn cool! :) The implication for me is that I can actually control my email program through email. I can twist it and tweak it as needed remotely. Has anyone ever done anything similar with REBOL? Just wondering.... -- Sincerely, | For Everything there is a season and a time for Ed Dana | every purpose, under Heaven. A time of love, a Software Developer | time of hate. A time of war, a time of peace. A 1Ghz Athlon Amiga | time that you may embrace, a time to refrain from | embracing -- Ecclesiastes, the Bible. =========== http://OurWorld.CompuServe.com/Homepages/EDanaII ===========
[2/5] from: brett:codeconscious at: 11-Aug-2002 0:25
Haven't actually done that, but have thought about doing it for a while. Only problem is how do you check that you can trust the code that you receive? Even if it is on an internal LAN, you have to consider the possibility of the LAN being opened in the future (accidently or otherwise). I wrote this http://www.codeconscious.com/rebol/articles/x-internet-security.html prior to the new test versions of REBOL and while it mentions Rugby it is still relevent to what you are doing. You might want to look at it. I'd say if you keep your script, make it into a dialect and add some authentication mechanism to it - otherwise you might have some unexpected results :^) I believe some time ago Ladislav and Jeff (?) worked on a script that could deal with untrusted code in a fairly robust manner, but I cannot remember the details. Now after getting the cautions out of the way - it does sound cool. Exactly why REBOL was designed like it is I imagine. :^) Regards, Brett.
[3/5] from: cybarite:sympatico:ca at: 10-Aug-2002 11:28
[REBOL] Anyone ever done this? Hi Ed, Sounds good. I resurrected Carl's SELMA script a few months ago because I wanted to have my own list server. In the outa-the-box version that Carl S published it parses the address line for instructions. It did not have embedded REBOL scripts running but that should be easy to add. I am interested in how you will add authentication / authorization for what those scripts do or maybe the better question is do you want to allow dynamic code in this manner. The SELMA solution allowed me to add some limited function and just use one of the additional email addresses that my ISP provides.
[4/5] from: edanaii:cox at: 11-Aug-2002 9:10
The program was written to replace functionality in M$ OutHouse. We had run into sever limitations with the total number of Rules it could store. This was a "known limitation" of the software, so we needed an alternative. I wrote the REBOL program such that when I defined a Rule, I could execute an Object or piece for REBOL code. It followed logically then, that if I could embed and Object or code into my Mail Rules and call it in REBOL, I could therefore embed the code in a mail message and execute that. So I did it as a proof-of-concept, more than anything else. So no thought has been given to authentication, and, honestly, I'm not worried about it. This particular application will be protected by the security by obscurity concept. I.e. the only people who know the mail address will be the people I work with. In addition, it will only execute the code _if_ the proper entry is made in the Subject Line. Of course, if I must secure it, I can always add an list of valid email that can execute REBOL code through the application, and add passwords, as well. As to dialecting, I'm still a relative newbie to REBOL; I haven't had a chance to get familiar with the concept yet. And to your final point, yes, that is definitely what REBOL was intended to do, which is exactly why I decided to do it as a proof-of-concept. And it worked quite nicely, too. :) Brett Handley wrote:
>Haven't actually done that, but have thought about doing it for a while. >Only problem is how do you check that you can trust the code that you
<<quoted lines omitted: 12>>>Now after getting the cautions out of the way - it does sound cool. Exactly >why REBOL was designed like it is I imagine. :^)
-- Sincerely, | When we remember we are all mad, the mysteries of Ed Dana | life disappear and life stands explained. Software Developer | -- Mark Twain 1Ghz Athlon Amiga |
[5/5] from: edanaii:cox at: 11-Aug-2002 9:15
>[REBOL] Anyone ever done this? >Hi Ed,
<<quoted lines omitted: 4>>>or maybe the better question is do you want to allow dynamic code in this manner. >The SELMA solution allowed me to add some limited function and just use one of the additional email addresses that my ISP provides.
Well, of course the big "S" will have done this. :) This is his baby, so I imagine he's tested everything about it. As I pointed out to Brett, I did it more as a proof-of-concept, so authentication was never considered. The advantage, for me, of my dynamic code, is if the application fails, or is sending out alarms, I can send a command to restart it, or tell it to shut up. All I have to do is send it an email and tell it to "get a grip". :) -- Sincerely, | When we remember we are all mad, the mysteries of Ed Dana | life disappear and life stands explained. Software Developer | -- Mark Twain 1Ghz Athlon Amiga |
- Quoted lines have been omitted from some messages.
View the message alone to see the lines that have been omitted