Why was FFI removed from the 3.0 VM's?
Lex Spoon
lex at cc.gatech.edu
Sun Mar 18 16:34:16 UTC 2001
"David T. Lewis" <lewis at mail.msen.com> wrote:
> On Fri, Mar 16, 2001 at 07:42:59AM -0800, Ned Konz wrote:
> >
> > As an aside, the OSProcess stuff should probably be disabled in a sandbox too
> > if it isn't already (David Lewis, are you listening?).
> >
>
> As long as UnixOSProcessPlugin.so is not in the search path, it would be
> safe, right? Should I add an explicit check for the "secure" setting?
>
There should be some kind of check. The system is intended so that
running with "-secure" gives you a secure VM.
Best would be a list of *allowed* plugins and descriptors, incidentally,
instead of a rejection list....
-Lex
More information about the Squeak-dev
mailing list
|