Browse thread
Securely loading and running untrusted modules
[
Home
]
[ Index:
by date
|
by threads
]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
| Date: | -- (:) |
| From: | Richard Jones <rich@a...> |
| Subject: | Re: [Caml-list] Securely loading and running untrusted modules |
On Tue, Apr 05, 2005 at 04:09:05PM +0200, Alex Baretta wrote:
> alex@alex:~$ ocaml
> Objective Caml version 3.08.2
>
> # external pizza : 'a -> 'b = "%identity";;
> external pizza : 'a -> 'b = "%identity"
> # pizza 1 = "pasta";;
> Segmentation fault
Dynlink allows me to specify that modules can't use unsafe features,
so such declarations wouldn't be permitted.
A much more serious problem which I've just found is that _any_ module
(even the empty module) seems to require Pervasives. Thus it seems to
be impossible to create any OCaml code which could be loaded by
Dynlink where Dynlink.allow_only does not specify "Pervasives".
rich@arctor:/tmp$ rm test_module.ml
rich@arctor:/tmp$ touch test_module.ml
rich@arctor:/tmp$ ocamlc -c test_module.ml
rich@arctor:/tmp$ ocamlobjinfo test_module.cmo
File test_module.cmo
Unit name: Test_module
Interfaces imported:
71f888453b0f26895819460a72f07493 Pervasives
f7db4d58568a6e5a2cfe62ef59a52df1 Test_module
Uses unsafe features: no
rich@arctor:/tmp$ ./test
Dynlink: no implementation available for Pervasives
Rich.
--
Richard Jones, CTO Merjis Ltd.
Merjis - web marketing and technology - http://merjis.com
Team Notepad - intranets and extranets for business - http://team-notepad.com