Browse thread
Securely loading and running untrusted modules
[
Home
]
[ Index:
by date
|
by threads
]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
| Date: | -- (:) |
| From: | Jacques Garrigue <garrigue@m...> |
| Subject: | Re: [Caml-list] Securely loading and running untrusted modules |
From: Richard Jones <rich@annexia.org> > A much more serious problem which I've just found is that _any_ module > (even the empty module) seems to require Pervasives. Thus it seems to > be impossible to create any OCaml code which could be loaded by > Dynlink where Dynlink.allow_only does not specify "Pervasives". This is why there is a compiler option named -nopervasives. Basically your approach is right. If you compile the .ml files yourself, this is safe, as long as there is no bug in the compiler. Since there are certainly some, you have to follow messages on the list and upgrade the compiler when needed, as for any security issue... Jacques Garrigue