View · Search · Index
No registered users in community xowiki
in last 10 minutes

RE: [Xotcl] Re: Safe interp for xotcl

From: Jeff Hobbs <jeffh_at_ActiveState.com>
Date: Mon, 4 Apr 2005 10:13:41 -0700

Gustaf Neumann wrote:
> Since xotcl uses ordinary tcl interps, i would assume, it
> inherits the safetiness of save tcl interps. Since xotcl does
> not do any socket handling, file-i/o, exec's, etc., i would
> think, this is a good start. If you see commands that we
> should deactivate in safe interps, please let me know.

You have to be careful with anything you add at the C level for
safe interps. Whatever you create in Tcl in safe interps is by
definition safe (if you aren't aliasing into the master), because
of the model. However, in C you can expose anything. While you
might not directly expose exec, IO, etc., you have to consider
how you might indirectly expose that functionality and how a user
might exploit that. I'm not saying that xotcl does, but you
should just consider the implications of each C-based command
individually. You also have the Tcl_IsSafeInterp C API for
variant behavior in safe interps.

  Jeff Hobbs, The Tcl Guy
  http://www.ActiveState.com/, a division of Sophos