sandboxing doIts
Avi Bryant
avi at beta4.com
Fri Feb 21 09:49:14 UTC 2003
On Thu, 20 Feb 2003, Tim Rowledge wrote:
> > Has anyone else thought about this? Would anyone else find this useful?
> Yup, I need this sort of thing for that test-setting website stuff.
> Haven't got to implement any of it yet, but looking at #scopeHas:ifTrue:
> and considering a private version of Undeclared was suggested. It looked
> promising but I still have it on my to-do list...
What I've done for now is implemented the following on CompiledMethod:
isWebSafe
(self hasLiteralSuchThat: [:ea | ea isVariableBinding ] )
ifTrue: [^ false].
(self messages includesAnyOf: self unsafeSymbols)
ifTrue: [^ false].
(self scanFor: 16r89) ifTrue: [^ false].
(self primitive = 0 or: [self isQuick]) ifFalse: [^ false].
^ true
#unsafeSymbols can be whatever you like... #class, #become:, and #perform:
are obvious candidates.
Checking to see if the method is safe before actually installing it is
easy. And this was a lot simpler than hacking the compiler itself.
Avi
More information about the Squeak-dev
mailing list
|