On Fri, Oct 22, 2021 at 12:43 PM Matthew Flatt <[email protected]> wrote:
> At Thu, 21 Oct 2021 07:37:12 -0700 (PDT), "[email protected]" wrote: > > I've read about protect-out and current-code-inspector, but I still > cannot > > understand, how to require a module and forbid it to run protected > modules. > > > > Something like (require untrusted-foo) (foo-proc) but to forbid foo-proc > to > > use ffi/unsafe. > > If you use > > (current-code-inspector (make-inspector)) > (require untrusted-foo) > > Just in case: I think Matthew as thinking of two subsequent REPL interactions (or calls to eval or suchlike). If you put those two together into a file in #lang racket, say, you won't be protected against untrusted-foo. Robby > and assuming that `untrusted-foo` hasn't been loaded earlier, then > `untrusted-foo` will not be able to use protected binding. > > That sequence will also disable the use of protected bindings by > anything that `untrusted-foo` depends on and that hasn't already been > loaded. So, if you want those dependencies to be able to use untrusted > things, you need to load the before `(current-code-inspector > (make-inspector))`. > > -- > You received this message because you are subscribed to the Google Groups > "Racket Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/racket-users/20211022114302.3e4%40sirmail.smtps.cs.utah.edu > . > -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/racket-users/CAL3TdOOU-X5K1iy2%3DCw64eSgHi2kbCkBr%3Dz%2BuQxhnrwNCwdHOw%40mail.gmail.com.
