On Saturday 17 March 2001 07:11, David T. Lewis wrote:
> On Fri, Mar 16, 2001 at 07:42:59AM -0800, Ned Konz wrote:
> > As an aside, the OSProcess stuff should probably be disabled in a sandbox
> > too if it isn't already (David Lewis, are you listening?).
>
> As long as UnixOSProcessPlugin.so is not in the search path, it would be
> safe, right? Should I add an explicit check for the "secure" setting?

I don't know how much control we have over the search path for libraries; if 
someone has added it to /etc/ld.so.conf, I suspect it's going to get found. 
Or is there an explicit search path for libraries in Squeak?

And on other OS's (I know, OSProcess doesn't do them yet) it may be less 
secure.

Of course, I don't know offhand how to check for the sandbox (the Unix VM 
sources pretty much no-op the security stuff right now).

What I was concerned about is running a Squeaklet off the net that includes 
UnixOSProcess and results in the Plugin.so getting loaded (and then damaging 
stuff on my disk).

-- 
Ned Konz
currently: Stanwood, WA
email:     ned at bike-nomad.com
homepage:  http://bike-nomad.com