RE: [Xotcl] Re: Safe interp for xotcl

From: Jeff Hobbs <jeffh_at_ActiveState.com>
Date: Mon, 4 Apr 2005 13:23:10 -0700

Ben Thomasson wrote:
> Considering there is a safe interp in Tcl, there should be
> extensive unit testing that can be run in regression to make
> sure any new functionality like this does not break the
> security model. Does Tcl have regression tests (tcltest or
> other) that exercise the ability of safe interp to stop

Yes, Tcl has testing for its core safe functionality, as does Tk.

> dangerous code? If there is, then these tests could be run
> in at least Object eval to whether this simple
> approach would work. If not, there should be. Or is the
> security model based on proving the safety of an interp by
> analysis of the code?
> If you take this second approach then much more work must be
> done before xotcl includes this code for the safe interp.

The point is that xotcl could expose its own set of unsafe
functionality - like a completely alternative FS API. How
would that ever be covered by the Tcl test suite?

> ps ( In open source projects, is it the person who comes up
> with the idea who is the person to implement it? Dang. )

You betcha - you're hired! ;) I don't think it is actually
that much work in xotcl's case, I'm just saying that it should
not be rubber-stamped.

Jeff
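
The kind of extension-level regression test this thread is asking for, as an added example that is not part of the original message or of XOTcl's code: a tcltest script checking that a safe interp still hides the core I/O commands after an extension initializes itself there, and that the extension adds nothing beyond a reviewed allowlist. The names `ext_safe_init` and `ext_length` are hypothetical stand-ins for an extension's safe-init entry point and one of its commands.

```tcl
package require tcltest 2
namespace import ::tcltest::test

# Hypothetical stand-in for an extension's safe-init entry point.
# It runs in the trusted parent and decides what the child may call.
proc ext_safe_init {child} {
    # Reviewed: pure computation, no file, process or network access.
    interp alias $child ext_length {} string length
}

# Names of commands present in the child that were not in the baseline.
proc added_commands {child baseline} {
    set added {}
    foreach cmd [lsort [$child eval {info commands}]] {
        if {[lsearch -exact $baseline $cmd] < 0} {
            lappend added $cmd
        }
    }
    return $added
}

set child [interp create -safe]
set baseline [$child eval {info commands}]   ;# what Tcl's own tests cover
ext_safe_init $child

test ext-safe-1.1 {core I/O commands stay hidden after extension init} -body {
    set visible {}
    foreach cmd {open exec socket file} {
        if {[$child eval [list info commands $cmd]] ne ""} {
            lappend visible $cmd
        }
    }
    set visible
} -result {}

test ext-safe-1.2 {extension exposes only the reviewed allowlist} -body {
    added_commands $child $baseline
} -result {ext_length}

test ext-safe-1.3 {script in the child cannot open a file} -body {
    # constructed-file.txt is a constructed name; the file need not exist
    $child eval {open constructed-file.txt r}
} -returnCodes error -match glob -result {invalid command name*}

interp delete $child
tcltest::cleanupTests
```

Test 1.2 fails as soon as the extension exposes a command nobody added to the allowlist, which forces a review of each new command rather than relying on Tcl's core suite.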