If I make a symbol with `gensym` (or do anything else that creates a new 
value that's not `eq?` to any other value) in some module, what are the 
absolute upper limits on my ability to use that symbol within the module 
without allowing any other modules to get ahold of the symbol? What do code 
inspectors, namespaces, sandboxes, eval, `unsafe` APIs, the FFI, etc. make 
possible for malicious code in external modules?

Context: I'm exploring a "contract witness" idea whose implementation 
currently relies on the eq?-ness of opaque struct instances for security. 
But I vaguely recall hearing once that the The Only Way To Be Sure when it 
comes to struct encapsulation is to put the definition of a struct inside a 
lambda, otherwise some sort of nebulous "bad things" are possible in 
external code that wants to break the invariants of  a struct type.

-- 
You received this message because you are subscribed to the Google Groups 
"Racket Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to racket-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to