Re: [Chicken-users] Packaging libraries securely

chicken-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] Packaging libraries securely

From:	felix winkelmann
Subject:	Re: [Chicken-users] Packaging libraries securely
Date:	Wed, 8 Aug 2007 14:46:55 +0200

On 8/8/07, Tony Sidaway <address@hidden> wrote:
>
> And so on.
>
> It seems to me that I need to do this otherwise just about everything
> in the namespace will be available at runtime, co-optable for bad
> stuff.
>
> Or am I just being a silly sausage?  Is there a better way of doing this?

The sandbox egg will be the only thing that gives a bit of security, but
it provides only a very basic Scheme dialect and is pretty slow.
The only (somewhat brute-forcish) solution that comes to mind is
to compile to a static executable and hack somethhing together with
rlimit and chroot(1).

cheers,
felix

[Prev in Thread]

Current Thread

[Next in Thread]

[Chicken-users] Packaging libraries securely, Tony Sidaway, 2007/08/08
- Re: [Chicken-users] Packaging libraries securely, Peter Bex, 2007/08/08
- Re: [Chicken-users] Packaging libraries securely, felix winkelmann <=
  - Re: [Chicken-users] Packaging libraries securely, felix winkelmann, 2007/08/09

Prev by Date: Re: [Chicken-users] New egg: pyffi
Next by Date: [Chicken-users] Problem with sqlite3 egg
Previous by thread: Re: [Chicken-users] Packaging libraries securely
Next by thread: Re: [Chicken-users] Packaging libraries securely
Index(es):
- Date
- Thread