Home Explore Help
Sign In
maximed
/
guile
mirror of https://git.savannah.gnu.org/git/guile.git
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Branch: wip-gnulib-update
Branches Tags
guile
/
examples
/
safe
/
safe

safe 2.5 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. #! /usr/local/bin/guile -s
    2. 

  2. !#
    3. 

  3. ;;; examples/safe/safe -- Example for safe (sand-boxed) evaluation.
    4. 

  4. 

  5. ;;; Commentary:
    6. 

  6. 

  7. ;;; This is a demo program for evaluating arbitrary (untrusted) Scheme
    8. 

  8. ;;; code in a controlled, safe environment.  Evaluation in safe
    9. 

  9. ;;; environments restricts the evaluated code's access to some given
    10. 

  10. ;;; primitives, which are considered `safe', that means which cannot
    11. 

  11. ;;; do any harm to the world outside of Guile (creating/deleting files
    12. 

  12. ;;; etc.)
    13. 

  13. ;;;
    14. 

  14. ;;; *Note* that the files in this directory are only suitable for
    15. 

  15. ;;; demonstration purposes, if you have to implement safe evaluation
    16. 

  16. ;;; mechanisms in important environments, you will have to do more
    17. 

  17. ;;; than shown here -- for example disabling input/output operations.
    18. 

  18. 

  19. ;;; Author: Martin Grabmueller
    20. 

  20. ;;; Date: 2001-05-30
    21. 

  21. 

  22. ;;; Code:
    23. 

  23. 

  24. ;; Safe module creation is implemented in this module:
    25. 

  25. ;;
    26. 

  26. (use-modules (ice-9 safe))
    27. 

  27. 

  28. ;; This is the main program.  It expects one parameter in the format
    29. 

  29. ;; returned by (command-line) and expects that exactly one file name
    30. 

  30. ;; is passed in this list (after the script name, which is passed as
    31. 

  31. ;; the 0th parameter.)
    32. 

  32. ;;
    33. 

  33. ;; The given file is opened for reading, one expression after the
    34. 

  34. ;; other is read and evaluated in a safe environment.  All exceptions
    35. 

  35. ;; caused by this evaluation are caught and printed out.
    36. 

  36. ;;
    37. 

  37. (define (main cmd-line)
    38. 

  38. 

  39.   ;; Internal definition of the procedure which prints usage
    40. 

  40.   ;; information.
    41. 

  41.   ;;
    42. 

  42.   (define (display-help)
    43. 

  43.     (display "Usage: safe FILENAME")
    44. 

  44.     (newline)
    45. 

  45.     (quit 1))
    46. 

  46. 

  47.   ;; Check that we received exactly one command line argument after
    48. 

  48.   ;; the script name
    49. 

  49.   ;;
    50. 

  50.   (if (not (= (length cmd-line) 2))
    51. 

  51.     (display-help)
    52. 

  52.     (let ((port (open-input-file (cadr cmd-line)))
    53. 

  53. 

  54. 	  ;; Create the safe module.
    55. 

  55. 	  (safe-module (make-safe-module)))
    56. 

  56. 

  57.       ;; Read one expression a time.
    58. 

  58.       (let lp ((expr (read port)))
    59. 

  59. 	;; End of file? -> Return.
    60. 

  60. 	(if (eof-object? expr)
    61. 

  61. 	  #t
    62. 

  62. 	  (catch #t
    63. 

  63. 	    (lambda ()
    64. 

  64. 	      ;; Evaluate the expression in the safe environment.
    65. 

  65. 	      (eval expr safe-module)
    66. 

  66. 	      ;; ... and read the next expression if no error occured.
    67. 

  67. 	      (lp (read port)))
    68. 

  68. 

  69. 	    ;; Handle exceptions.  This procedure will be called when an
    70. 

  70. 	    ;; error occurs while evaluating the expression.  It just
    71. 

  71. 	    ;; prints out a message telling so and returns from the
    72. 

  72. 	    ;; evaluation loop, thus terminating the program.
    73. 

  73. 	    ;;
    74. 

  74. 	    (lambda args
    75. 

  75. 	      (display "** Exception: ")
    76. 

  76. 	      (write args)
    77. 

  77. 	      (newline))))))))
    78. 

  78. 

  79. ;; Start the main program.
    80. 

  80. ;;
    81. 

  81. (main (command-line))
    82. 

  82. 

  83. ;; Local variables:
    84. 

  84. ;; mode: scheme
    85. 

  85. ;; End:
    86. 

  86.