On Sat, 17 Mar 2001, Ned Konz wrote:

> > As long as UnixOSProcessPlugin.so is not in the search path, it would be
> > safe, right? Should I add an explicit check for the "secure" setting?

Unsafe modules should be handled elsewhere. Lex's suggestion of a list of
"safe" modules sounds okay. A simpler convention could be to only allow
modules that are built into the VM. 

> Of course, I don't know offhand how to check for the sandbox (the Unix VM 
> sources pretty much no-op the security stuff right now).

It's the "secure" global variable in sqXWindow.h.

-- Bert