I'm speaking specifically of something like the PLT Scheme make-evaluator.

It will run scheme code, but under certain conditions:

  • It only uses a definable amount of memory, and will quit execution if the script needs more
  • It behaves similarly with time
  • It restricts all IO except for what I specifically allow in the code

Is anyone familiar with anything else that can do this?

A: 

PHP allows something similar with eval - though you would need to set some restrictive values with ini_set before calling it, and they would affect the current script as well.

George Edison
+1  A: 

Lua lets you easily define sandboxes with as much or as little power as you want.

Javier
This looks much less powerful than the PLT sandbox -- specifically, without restricting runtime and memory the whole thing is ultimately not really safe in the sense that would let you run random user code on your own server. Another problem is the need to control IO by restricting the names in the sandboxed environment -- the PLT sandbox restricts IO regardless of names (which makes it possible to allow certain paths in). Also, communicating with the sandbox via setting values doesn't seem too attractive...
Eli Barzilay
There are hooks in the C API that can be used to restrict time and/or memory; the mailing list archive might be a better place to search. Replacing the standard IO with one that checks your policy rules is less than 200 lines of Lua. As with many things in Lua, you have to roll your own, but it's very easy to do. If you need a fully prebuilt system, Lua is not for you.
Javier
I doubt that there are hooks that can be used to restrict the memory of a sandboxed environment in an otherwise unrestricted environment -- that's *much* more involved than a few hooks. Same goes for standard IO -- what about a sandbox that can do *full* IO to one directory, read-only from another, and network to a single IP?
Eli Barzilay
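An added example, not code from any of the posters above, sketching the roll-your-own Lua sandbox the exchange describes: a whitelisted environment, an `io.open` replacement that checks a path policy instead of merely hiding the name, and a `debug.sethook` instruction counter that doubles as a time and memory guard. The `MAX_*` limits, `ALLOWED_PREFIX` and `run_sandboxed` are hypothetical names chosen here; it assumes Lua 5.1 (`setfenv`/`loadstring`) or 5.2+ (`load` with an env argument).

```lua
-- Added example: a minimal policy-checking Lua sandbox (Lua 5.1 or 5.2+).
local MAX_INSTRUCTIONS = 1000000          -- stand-in for a CPU-time budget
local MAX_MEMORY_KB    = 1024             -- heap ceiling checked from the hook
local ALLOWED_PREFIX   = "/tmp/sandbox/"  -- hypothetical: only this tree is reachable

-- Whitelist of globals the untrusted chunk may see: no os, load, require, debug.
local function make_env()
  local env = {
    print = print, pairs = pairs, ipairs = ipairs, tostring = tostring,
    tonumber = tonumber, type = type, select = select, error = error,
    pcall = pcall, string = string, table = table, math = math,
  }
  -- Replace io.open with a wrapper that enforces the path policy, so IO is
  -- restricted by policy rather than by which names happen to be absent.
  env.io = {
    open = function(path, mode)
      if path:sub(1, #ALLOWED_PREFIX) ~= ALLOWED_PREFIX or path:find("%.%.") then
        return nil, "sandbox: access to " .. path .. " denied"
      end
      return io.open(path, mode)
    end,
  }
  return env
end

-- Count hook: fires every 1000 VM instructions, bounding runtime and heap.
-- Caveat: collectgarbage("count") measures the whole Lua state, not just
-- the sandboxed chunk, which is the per-sandbox limitation raised above.
local function make_hook()
  local executed = 0
  return function()
    executed = executed + 1000
    if executed > MAX_INSTRUCTIONS then error("sandbox: instruction limit exceeded", 2) end
    if collectgarbage("count") > MAX_MEMORY_KB then error("sandbox: memory limit exceeded", 2) end
  end
end

-- Compile user code against the restricted env and run it under the hook.
local function run_sandboxed(code)
  local env, chunk, err = make_env()
  if setfenv then                          -- Lua 5.1
    chunk, err = loadstring(code, "=user")
    if chunk then setfenv(chunk, env) end
  else                                     -- Lua 5.2+
    chunk, err = load(code, "=user", "t", env)
  end
  if not chunk then return false, err end
  debug.sethook(make_hook(), "", 1000)
  local ok, result = pcall(chunk)
  debug.sethook()                          -- always clear the hook afterwards
  return ok, result
end

print(run_sandboxed("return 1 + 1"))
print(run_sandboxed("while true do end"))
print(run_sandboxed("local f, e = io.open('/etc/passwd'); return e"))
```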
A: 

The Java platform provides fine-grained access control and sandboxing. This isn't exactly equivalent to make-evaluator but the API allows you to place constraints on arbitrary objects (through the GuardedObject class). You can also restrict permissions of classes loaded from a particular source.

It might be helpful to read the Java Platform Security Architecture spec.

Please note that Java APIs can be accessed from most languages on the jvm.

Felix Lange