Puzzle: Adding domain-based security to Squeak.

Michael Roberts mike at mjr104.co.uk
Tue Aug 8 20:29:00 UTC 2006


On 8 Aug 2006, at 10:03, Michael van der Gulik wrote:

> Hi Howard.
>
> I forgot to mention that the reason I'm doing this is to allow  
> untrusted foreign code to run in the same image as trusted code.  
> Untrusted code must be carefully managed - it must not be able to  
> consume large amounts of memory, CPU or disk space to which it is  
> not entitled. Untrusted code / objects must not prevent trusted  
> code from operating well.

This is not exactly what you asked for, but -

as an experiment why not run your untrusted code in a separate  
image?  If you were running this on Unix then you could limit the
memory given to this separate image - either via say ulimit in the  
shell or something fancier (maybe via the os process plugin).  You  
could then talk to the 'jail' image via remote messaging.  It  
wouldn't take very long to knock up and it might give you interesting  
results early.

As for limiting CPU or disk space that's a bit harder but there are  
various things you could do on Linux to try it out.  Run a separate  
Squeak image inside User Mode Linux for example.  That would allow
finer control of virtual CPU and disk space.

Cheers,

Mike 
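The ulimit-in-the-shell approach Mike suggests, as an added example that is not part of the original thread: a wrapper that starts a "jail" process in a subshell with a hard virtual-memory ceiling, so the untrusted side cannot take memory the trusted side needs. It assumes a Linux-style kernel that enforces RLIMIT_AS; the awk memory hog is a constructed stand-in for a misbehaving image, not a real Squeak VM.

```shell
#!/bin/sh
# run_jailed MEM_KB CMD...: run CMD inside a subshell whose address space
# is capped at MEM_KB kilobytes (ulimit -v). The cap applies only to that
# subshell and its children, so the calling shell is unaffected. Returns
# CMD's exit status; allocations beyond the cap make a well-written
# program fail rather than starve its neighbours.
run_jailed() {
    mem_kb=$1; shift
    (
        ulimit -v "$mem_kb" || exit 127   # lower the soft+hard limit for this subshell
        "$@"                              # the "jail" workload inherits the limit
    ) >/dev/null 2>&1
}

# Constructed stand-in for an untrusted image that tries to grab ~256 MB
# by repeatedly doubling a string.
memory_hog() {
    awk 'BEGIN { s = "x"; while (length(s) < 268435456) s = s s; print length(s) }'
}

# A well-behaved workload for comparison: trivial memory footprint.
polite_job() {
    awk 'BEGIN { print 1 + 1 }'
}

# jail_allows MEM_KB FUNC: prints "yes" if FUNC completes under the cap,
# "no" if the kernel refused it memory (or it otherwise failed).
jail_allows() {
    if run_jailed "$1" "$2"; then echo yes; else echo no; fi
}

# Usage: a 100 MB ceiling lets the polite job through and stops the hog.
jail_allows 100000 polite_job
jail_allows 100000 memory_hog
```

The same wrapper works for a real image by replacing the function name with the VM invocation (for example `run_jailed 100000 squeak jail.image`); CPU time can be bounded the same way with `ulimit -t`.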


