I made a simplified test case (below), even left out the net-repl part in the belief that replacing the eval with sb-eval will do the trick in the end. I have the module structure as intended, but still can't figure out how to give it as an input to the sandbox evaluator. The documentation is there, but a few more examples could make it easier to comprehend, especially when not using built-in modules.

br, jukka

---

;XXX sb-test.rkt XXX

#lang racket
(require racket/sandbox)
(require "sb-functions.rkt")

;(define sb-eval (make-evaluator 'racket/base))
(define sb-eval (make-evaluator ... "sb-functions.rkt" ... ));?

;; these are ok
;(f1) ;bound
;(f2) ;bound
;(f3) ;bound
;(f4) ;unbound
;(f5) ;unbound
;(f6) ;unbound

;; intended sandbox bindings
;(sb-eval 'f1) ;bound
;(sb-eval 'f2) ;bound
;(sb-eval 'f3) ;bound
;(sb-eval 'f4) ;unbound
;(sb-eval 'f5) ;unbound
;(sb-eval 'f6) ;unbound
;(sb-eval 'cdr) ;unbound

;XXX sb-functions.rkt XXX

(module sb-functions scheme
  (require "sb-functions-extra.rkt")
  (provide f1 f2 f3)
  (define f1 (lambda () "F-one"))
  (define f2 (lambda () "F-two"))
  (define f3 f5); f5 from sb-functions-extra.rkt
  (define f4 (lambda () "F-four"));not provided!
)

;XXX sb-functions-extra.rkt XXX

(module sb-functions-extra scheme
  (provide f5)
  (define f5 (lambda () "F-five"))
  (define f6 (lambda () "F-six")); not provided
)

---

> -----Original Message-----
> From: sam...@gmail.com [mailto:sam...@gmail.com]On Behalf Of Sam
> Tobin-Hochstadt
> Sent: 27 June 2011 17:40
> To: Jukka Tuominen
> Cc: users@racket-lang.org
> Subject: Re: [racket] Limiting net-repl provided functions
>
>
> On Mon, Jun 27, 2011 at 10:08 AM, Jukka Tuominen
> <jukka.tuomi...@finndesign.fi> wrote:
> >
> > So, once I hopefully have it working locally, how do I apply it into the
> > net-repl server? I think the following is the correct definition to be
> > tweaked (non-modified from net-repl). Do I add the sandbox-environment to
> > evals or something?
> >
> > (define net-repl-eval
> >   (let ([eval (current-eval)])
>
> You'll want to construct a sandboxed evaluator here, perhaps using
> `current-eval'. But more likely, you don't need `current-eval' at
> all. To create a sandbox, do something like this:
>
> (require racket/sandbox)
> (make-evaluator 'racket/base)
>
> That produces a procedure that works like `eval', but in a new sandbox
> that only has access to `racket/base'.
>
> >     (lambda (exit)
> >       (lambda (expr)
> >         (if (equal?
> >              (if (syntax? expr)
> >                  (syntax-object->datum expr)
> >                  expr)
> >              '(#%top-interaction close))
> >             (exit)
> >             (eval expr))))))
> >
> >
> > br, jukka
> >
> >
> >> -----Original Message-----
> >> From: sam...@gmail.com [mailto:sam...@gmail.com]On Behalf Of Sam
> >> Tobin-Hochstadt
> >> Sent: 27 June 2011 16:53
> >> To: Jukka Tuominen
> >> Cc: users@racket-lang.org
> >> Subject: Re: [racket] Limiting net-repl provided functions
> >>
> >>
> >> On Mon, Jun 27, 2011 at 9:48 AM, Jukka Tuominen
> >> <jukka.tuomi...@finndesign.fi> wrote:
> >> > BTW, 'secure' in this context may mean allowing even critical system calls
> >> > (say format harddisk), if so specified. But the user should not be able to
> >> > do anything else than specified.
> >>
> >> The `sandbox' infrastructure is fairly flexible. Just by constructing
> >> a namespace and doing the `eval' in that namespace, you'll be able to
> >> restrict which identifiers the remote user can refer to. If those are
> >> very limited, that might be enough for security.
> >>
> >> >> -----Original Message-----
> >> >> From: sam...@gmail.com [mailto:sam...@gmail.com]On Behalf Of Sam
> >> >> Tobin-Hochstadt
> >> >> Sent: 27 June 2011 16:10
> >> >> To: Jukka Tuominen
> >> >> Cc: users@racket-lang.org
> >> >> Subject: Re: [racket] Limiting net-repl provided functions
> >> >>
> >> >>
> >> >> On Mon, Jun 27, 2011 at 8:48 AM, Jukka Tuominen
> >> >> <jukka.tuomi...@finndesign.fi> wrote:
> >> >> >
> >> >> > The basic client/server functionality is already working, but it's too big a
> >> >> > security risk outside LAN use. It seems to be easier to add functionality
> >> >> > than ripping them off. Perhaps creating a custom #%top definition to
> >> >> > interfere with the default symbol lookup...?
> >> >>
> >> >> The right place to look is at sandboxes:
> >> >> http://docs.racket-lang.org/reference/Sandboxed_Evaluation.html
> >> >> and namespaces:
> >> >> http://docs.racket-lang.org/guide/mk-namespace.html
> >> >>
> >> >> --
> >> >> sam th
> >> >> sa...@ccs.neu.edu
> >> >
> >> > _________________________________________________
> >> > For list-related administrative tasks:
> >> > http://lists.racket-lang.org/listinfo/users
> >> >
> >>
> >>
> >>
> >> --
> >> sam th
> >> sa...@ccs.neu.edu
> >
> >
> >
>
> --
> sam th
> sa...@ccs.neu.edu
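
The namespace route mentioned in the quoted replies, as an added example that is not part of the original thread: it builds an eval-like procedure that can see only the exports of one module. It assumes the sb-functions.rkt and sb-functions-extra.rkt files from the message above are in the directory the program is run from; make-restricted-eval and probe are hypothetical names.

```racket
#lang racket/base
;; Added example, not code from the thread. Assumes sb-functions.rkt and
;; sb-functions-extra.rkt from the message above are in the current directory.

;; make-restricted-eval (hypothetical name): returns an eval-like procedure
;; whose namespace binds only what `module-path` provides, plus the two core
;; forms needed to call a function with literal arguments.
(define (make-restricted-eval module-path)
  (define ns (make-base-empty-namespace)) ; racket/base attached, nothing bound
  (parameterize ([current-namespace ns])
    (namespace-require '(only racket/base #%app #%datum))
    (namespace-require module-path))
  (lambda (expr)
    ;; A syntax object carries its own lexical context; reduce it to a datum
    ;; so every identifier is resolved against `ns` only.
    (eval (if (syntax? expr) (syntax->datum expr) expr) ns)))

;; probe (hypothetical name): report whether evaluating `expr` succeeds
;; inside the restricted namespace.
(define (probe ev expr)
  (with-handlers ([exn:fail? (lambda (e) 'rejected)])
    (ev expr)
    'ok))

(define sb-eval (make-restricted-eval "sb-functions.rkt"))

;; The identifiers probed in sb-test.rkt, then two calls and one attempt to
;; pull in more bindings from inside the evaluator.
(for ([expr '(f1 f2 f3 f4 f5 f6 cdr (f1) (f3) (require racket/system))])
  (printf "~s => ~a\n" expr (probe sb-eval expr)))
```

This restricts names only; time and memory limits and filesystem guards are what racket/sandbox adds on top of a namespace.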