Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

Computer programs expand so as to fill the core available.


programming / comp.lang.tcl / Re: tcllibc in a safe interpreter

SubjectAuthor
* tcllibc in a safe interpreterJulian H J Loaring
`* Re: tcllibc in a safe interpreterapn
 `- Re: tcllibc in a safe interpreterJulian H J Loaring

1
Subject: tcllibc in a safe interpreter
From: Julian H J Loaring
Newsgroups: comp.lang.tcl
Date: Wed, 20 Apr 2022 20:12 UTC
X-Received: by 2002:ad4:5be6:0:b0:446:53cf:7bf7 with SMTP id k6-20020ad45be6000000b0044653cf7bf7mr13419146qvc.94.1650485535397;
Wed, 20 Apr 2022 13:12:15 -0700 (PDT)
X-Received: by 2002:a05:6808:f8e:b0:322:26d2:1ccf with SMTP id
o14-20020a0568080f8e00b0032226d21ccfmr2481592oiw.201.1650485535126; Wed, 20
Apr 2022 13:12:15 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.lang.tcl
Date: Wed, 20 Apr 2022 13:12:14 -0700 (PDT)
Injection-Info: google-groups.googlegroups.com; posting-host=86.156.228.159; posting-account=KJVGUAkAAADfVRML8CRltN53AIZs95wT
NNTP-Posting-Host: 86.156.228.159
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <61047717-6f95-45fa-857f-1bcda582d862n@googlegroups.com>
Subject: tcllibc in a safe interpreter
From: jhjloar...@gmail.com (Julian H J Loaring)
Injection-Date: Wed, 20 Apr 2022 20:12:15 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 5
View all headers
I have built tcllib.dylib using critcl but I cannot load it into a Safe Interpreter because there is no Tcllibc_SafeInit entry point.

Is there a way to do this in critcl or should I dust of my C programming skills and try to roll my own DLL?

All help welcome :)



Subject: Re: tcllibc in a safe interpreter
From: apn
Newsgroups: comp.lang.tcl
Organization: A noiseless patient Spider
Date: Fri, 22 Apr 2022 10:58 UTC
References: 1
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: palm...@yahoo.com (apn)
Newsgroups: comp.lang.tcl
Subject: Re: tcllibc in a safe interpreter
Date: Fri, 22 Apr 2022 16:28:15 +0530
Organization: A noiseless patient Spider
Lines: 22
Message-ID: <t3u1o8$cgm$1@dont-email.me>
References: <61047717-6f95-45fa-857f-1bcda582d862n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 22 Apr 2022 10:58:16 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="eca34f41c065f35ab7c3dd7ad8e1bec6";
logging-data="12822"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/Dbp8TZiAdMA3xbfZIL60r"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.7.0
Cancel-Lock: sha1:7GHt6pWvKGz5ig0USCJQFo4TDvs=
In-Reply-To: <61047717-6f95-45fa-857f-1bcda582d862n@googlegroups.com>
Content-Language: en-US
View all headers

On 4/21/2022 1:42 AM, Julian H J Loaring wrote:
I have built tcllib.dylib using critcl but I cannot load it into a Safe Interpreter because there is no Tcllibc_SafeInit entry point.

Is there a way to do this in critcl or should I dust of my C programming skills and try to roll my own DLL?

All help welcome :)


I'm afraid I don't know the direct answer to your question. However I would suggest that instead of adding a Tcllibc_SafeInit entry point (if there isn't one), you instead load tcllibc into your (unsafe) master and then alias the specific commands you need into the safe slave taking care that those commands are indeed safe to run within untrusted code.

tcllib is pretty big and includes various system access procedures ranging from file access, process kills etc. I'm not sure how much of that is covered by tcllibc but I would guess the range of commands in tcllib is why a Tcllibc_SafeInit is not provided; many commands may not be appropriate for inclusion into a safe interp.

/Ashok


Subject: Re: tcllibc in a safe interpreter
From: Julian H J Loaring
Newsgroups: comp.lang.tcl
Date: Fri, 22 Apr 2022 21:10 UTC
References: 1 2
X-Received: by 2002:a05:6214:2a8e:b0:443:8a10:c1ca with SMTP id jr14-20020a0562142a8e00b004438a10c1camr4942078qvb.88.1650661827981;
Fri, 22 Apr 2022 14:10:27 -0700 (PDT)
X-Received: by 2002:a4a:dd92:0:b0:33a:2c18:a140 with SMTP id
h18-20020a4add92000000b0033a2c18a140mr2380265oov.8.1650661827747; Fri, 22 Apr
2022 14:10:27 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.lang.tcl
Date: Fri, 22 Apr 2022 14:10:27 -0700 (PDT)
In-Reply-To: <t3u1o8$cgm$1@dont-email.me>
Injection-Info: google-groups.googlegroups.com; posting-host=86.156.228.159; posting-account=KJVGUAkAAADfVRML8CRltN53AIZs95wT
NNTP-Posting-Host: 86.156.228.159
References: <61047717-6f95-45fa-857f-1bcda582d862n@googlegroups.com> <t3u1o8$cgm$1@dont-email.me>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <2c44f17f-782f-47fd-b64f-629d6ff9b8fcn@googlegroups.com>
Subject: Re: tcllibc in a safe interpreter
From: jhjloar...@gmail.com (Julian H J Loaring)
Injection-Date: Fri, 22 Apr 2022 21:10:27 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 21
View all headers
On Friday, 22 April 2022 at 11:58:20 UTC+1, apn wrote:
On 4/21/2022 1:42 AM, Julian H J Loaring wrote:
I have built tcllib.dylib using critcl but I cannot load it into a Safe Interpreter because there is no Tcllibc_SafeInit entry point.

Is there a way to do this in critcl or should I dust of my C programming skills and try to roll my own DLL?

All help welcome :)

I'm afraid I don't know the direct answer to your question. However I
would suggest that instead of adding a Tcllibc_SafeInit entry point (if
there isn't one), you instead load tcllibc into your (unsafe) master and
then alias the specific commands you need into the safe slave taking
care that those commands are indeed safe to run within untrusted code.

tcllib is pretty big and includes various system access procedures
ranging from file access, process kills etc. I'm not sure how much of
that is covered by tcllibc but I would guess the range of commands in
tcllib is why a Tcllibc_SafeInit is not provided; many commands may not
be appropriate for inclusion into a safe interp.

/Ashok
Thank you, I think you are right.


1
rocksolid light 0.7.2
clearneti2ptor