On Saturday, September 12, 2015 at 8:59:45 PM UTC+2, Matthew Flatt wrote:
> I'll adjust the docs to clarify that every module that exists in some
> collection is automatically allowed. That fact turns out to be buried
> in the description of `sandbox-path-permissions`. The
> `#:allow-for-require` argument is intended for listing additional
> modules that are not in a collection (e.g., accessed by a relative
> path).
>
> Note that having access to a module doesn't necessarily mean that the
> module really can be used. For example, you could change your example
> to require `ffi/unsafe`, but attempting to use an export of
> `ffi/unsafe` will trigger an access-to-protected-variable error. Having
> access to a module just means that the sandbox is allowed to use the
> installed module in the same way that it could use a copy of the
> module's code and bytecode.

Makes sense. Thanks for the prompt answer!

> At Sat, 12 Sep 2015 05:23:27 -0700 (PDT), Paolo Giarrusso wrote:
> > Hi! I’m confused by the behavior of the Racket sandbox — it doesn’t
> > seem to actually restrict module loading as its docs seem to promise.
> >
> > Alternatively, I'm misunderstanding the docs, and on my system (OS X)
> > #:allow-for-require is unneeded altogether. But then, on what systems
> > is it required?
> >
> > > In particular, filesystem access is restricted, which may interfere
> > > with using modules from the filesystem.
> >
> > I observed this on the handin server (by accident), and minimized the
> > problem down to this, so that people not involved with the handin
> > server might take a look.
> >
> > Here's the example (also posted as http://pasterack.org/pastes/81863).
> >
> > ; Tested with Racket 6.2.1, while investigating a problem with the handin server.
> >
> > #lang racket
> > (require racket/sandbox)
> > (define evaler
> >   (make-module-evaluator '(module foo racket (require htdp/image) 1)
> >                          #:language 'racket
> >                          #:allow-for-require '(2htdp/image)))
> >
> > (evaler '(begin (require htdp/image)
> >                 (require net/http-client)
> >                 (circle 20 "solid" "red")))
> >
> > Note I'm using `(require htdp/image)`, which I'd expect to be forbidden —
> > in both the code passed to make-module-evaluator, and in the code passed
> > to the resulting evaluator.
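
The behaviour described in this thread, as an added example that is not code from either poster or from the Racket documentation: it requires a collection module without listing it, requires a module outside any collection with and without `#:allow-for-require`, and then tries to use an `ffi/unsafe` export. The names `try`, `helper`, `plain` and `listed` and the temporary module are constructed for illustration; each outcome is printed so it can be checked on the installed Racket version.

```racket
#lang racket/base
;; Added illustration, not code from the thread.
(require racket/sandbox racket/file)

;; Evaluate `expr` in sandbox `ev`; return its value, or the error text if it raises.
(define (try ev expr)
  (with-handlers ([exn:fail? exn-message])
    (ev expr)))

;; Constructed sample: a module that is not in any collection.
(define helper (make-temporary-file "sandbox-helper-~a.rkt"))
(with-output-to-file helper #:exists 'truncate
  (lambda ()
    (display "#lang racket/base\n(provide answer)\n(define answer 42)\n")))
(define helper-req `(require (file ,(path->string helper))))

;; 1. No #:allow-for-require: collection modules still load.
(define plain (make-evaluator 'racket/base))
(printf "net/url:            ~s\n" (try plain '(require net/url)))
(printf "helper, not listed: ~s\n" (try plain helper-req))

;; 2. Listing the path is what grants access to a non-collection module.
(define listed (make-evaluator 'racket/base #:allow-for-require (list helper)))
(printf "helper, listed:     ~s\n" (try listed helper-req))
(printf "answer:             ~s\n" (try listed 'answer))

;; 3. Access to ffi/unsafe is not permission to use its protected exports.
(printf "require ffi/unsafe: ~s\n" (try plain '(require ffi/unsafe)))
(printf "(malloc 8):         ~s\n" (try plain '(malloc 8)))

(delete-file helper)
```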