World: r3wp
[Core] Discuss core issues
older newer | first last |
Robert 28-Apr-2008 [10321x2] | This should give >> 2 |
I know there is some "safe" way to do it but can't remember. | |
Dockimbel 28-Apr-2008 [10323x2] | if a & b are locally defined, you should first BIND the block to execute like this : do bind code-to-execute 'a |
A "safe" way (preventing malicious code) could be to parse your block to execute and allow only some words. In others words, you can achieve safety by filtering the code to execute using a reduced dialect of REBOL. You could also just define some additional local words to "disable" them (like: halt, quit, call, etc...) There's several approches, they depend on what "safe" means to you in this context. | |
Oldes 28-Apr-2008 [10325] | Is it a bug or there is some system limitation which prevents to set a modification-date of folder? |
Robert 28-Apr-2008 [10326] | Doc, thanks. Has anyone written a rebol code stripper to make a safe (not harming the executing process) way to execute code-from-the-wire? |
btiffin 28-Apr-2008 [10327] | Maxim once mentioned that he spent a lot of time sandboxing his Elixir engine. iirc, he was confident enough to let it be open to random code. |
BrianH 28-Apr-2008 [10328] | That may not be technically possible in R2, once the code is loaded, but should be possible in R3, in theory. You could still be vulnerable to interpreter bugs that can crash REBOL, but you could sandbox against attempts to break the sandbox. |
[unknown: 5] 28-Apr-2008 [10329] | How is that done in R3? |
BrianH 28-Apr-2008 [10330x2] | Well, for starters: - Words are unbound by default. - Modules only load the contexts they are told to. - Reflection is done by a separate native with some mezzs wrapped around it, not the ordinals. |
This means (respectively to the above): - You don't have to block everything, you can just allow what you want. - You can just sandbox a module by having it not load the system context, or load your own substitute. - You only have to eliminate one function to close the reflection hole, rather than replacing the ordinals with mezzs, slowing down all code. | |
Henrik 28-Apr-2008 [10332] | hmm... why does launch/quit not work with URLs? |
[unknown: 5] 28-Apr-2008 [10333] | Thanks Brian, I suppose I will have to get exposed to that nature to understand it. |
BrianH 28-Apr-2008 [10334] | Same here: Modules aren't anywhere near done yet :( |
Henrik 28-Apr-2008 [10335x2] | the same when I use: launch http://somewherequit I wonder what the issue is here. |
weird.. launch http://somewherewait 0.01 quit works | |
Graham 28-Apr-2008 [10337x2] | Oldes - it's a very old bug |
We should try and get that fixed for 2.7.7 | |
Henrik 29-Apr-2008 [10339] | I'm (again) studying how to get LAUNCH to accept args when launching a script, when I came across this in the SDK manual: For example, if you want to launch a second copy of your program to process an action: launch -c do-it" It says it's a special function of encapped programs, but does -c do the same thing as for an ordinary rebol executable, namely --cgi? When using the same string in a regular rebol console, I get just the help output as if the argument list was wrong. It won't accept any other arguments except if the script name is passed as a string. |
Anton 29-Apr-2008 [10340] | Oldes, modification date - can you post to Rambo. |
[unknown: 5] 29-Apr-2008 [10341x2] | Is this a bug?: >> to-block mold [<] ** Syntax Error: Invalid tag -- < ** Near: (line 1) to-block mold [<] |
You might ask why would someone want to mold a block and then use to-block on it. If you have added a block via the console across more than one line you will pick up the newline character in your block which you can trim/lines on if you mold the block. | |
BrianH 29-Apr-2008 [10343x2] | Just a syntax side effect. Try: to-block mold [ < ] |
< is normally part of a tag, but there is an exception made for when it is surrounded by spaces. | |
[unknown: 5] 29-Apr-2008 [10345x3] | Yeah but that would still be a bug wouldn't it? |
>> to-block mold [ < ] ** Syntax Error: Invalid tag -- < | |
>> attempt [to-block mold [<]] ** Syntax Error: Invalid tag -- < ** Near: (line 1) attempt [to-block mold [<]] | |
BrianH 29-Apr-2008 [10348] | Unfortunately, there are some REBOL values that mold to bad syntax. [<] is bad syntax. |
[unknown: 5] 29-Apr-2008 [10349] | Yeah. I'm finding that out. What about the attempt? Shoudn't that have contained the error? |
BrianH 29-Apr-2008 [10350] | >> attempt [to-block mold [ < ]] == none |
[unknown: 5] 29-Apr-2008 [10351x2] | what version is that? |
ok I see I didn't have the spaces on the attempt one | |
BrianH 29-Apr-2008 [10353] | In your version, the syntax error was at load time, before the attempt was called. |
[unknown: 5] 29-Apr-2008 [10354] | This isn't good for dynamic data. If something is populated dynamically then would have to account for the spaces and check the dynamic data. |
BrianH 29-Apr-2008 [10355] | >> mold [ < ] == "[<]" |
[unknown: 5] 29-Apr-2008 [10356x2] | Yeah but that isn't acceptable for me. |
I would classify that as a workaround and the problem still to be a bug. | |
BrianH 29-Apr-2008 [10358] | I said it was unfortunate :( |
[unknown: 5] 29-Apr-2008 [10359] | hehe |
BrianH 29-Apr-2008 [10360] | It used to be the case for to-file "" too. |
[unknown: 5] 29-Apr-2008 [10361] | ahhh well hopefully we can get it fixed. |
BrianH 29-Apr-2008 [10362] | >> [>] == [>] Not a problem for < |
[unknown: 5] 29-Apr-2008 [10363] | Yeah just the one needs fixed then. |
BrianH 29-Apr-2008 [10364] | >> [< [ ] == [< ] |
[unknown: 5] 29-Apr-2008 [10365] | yeah that is why I need the mold to trim the lines from something like that. |
BrianH 29-Apr-2008 [10366x2] | >> [ < ] == [<] >> new-line [ < ] true == [ < ] |
Same value, different display. | |
[unknown: 5] 29-Apr-2008 [10368] | >> c == "[<]" >> d: [] == [] >> append d to-word c == [[<]] >> e: first d == [<] |
BrianH 29-Apr-2008 [10369x2] | >> mold new-line [< ] true == "[^/ <^/]" |
It's a little longer, but at least it will load and have the same value. | |
older newer | first last |