Version française
Home     About     Download     Resources     Contact us    
Browse thread
Sand-boxing
[ Home ] [ Index: by date | by threads ]
[ Search: ]

[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
Date: -- (:)
From: Alain Frisch <Alain.Frisch@i...>
Subject: Re: [Caml-list] Sand-boxing
pierre chambart wrote:
> You can use the dynlink library.
> When you load module with that, you can specify the modules that can't
> be accessed from the loaded code.

This can catch some errors, but it is not a real security
mechanism! The "security model" relies on the assumption that the loaded
modules have been produced by ocamlc from well-typed programs that don't
use unsafe features. The bytecode interpreter does not try to protect
itself against ill-behaved code at all.

  Alain