Version française
Home     About     Download     Resources     Contact us    

This site is updated infrequently. For up-to-date information, please visit the new OCaml website at

Browse thread
Sandboxing in ocaml
[ Home ] [ Index: by date | by threads ]
[ Search: ]

[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
Date: 2005-03-20 (22:19)
From: Christian Szegedy <szegedy@t...>
Subject: Re: [Caml-list] Sandboxing in ocaml
Jacques Garrigue wrote:

>>Is this possible in ocaml to dynamically load some (bytcode) OCaml file 
>>and run it in a safe environment, that is only using a small subset of 
>>selected functions instead of the whole Pervasives?
>This is the intent of Dynlink.allow_only.
>Not however that allowing is done on a unit base, so if you want to
>allow only some functions in a unit, you must create a new one
>containing only those, and compile your file against those (otherwise you
>won't be able to load it).
>This is the way MMM applets are made safe.
Excellent! This sounds exactly what I want. Can I forbid
the Pervasives unit while linking the applet?

Thanks a lot, Christian