Comments on: SECURE secure, debug, and protect
These policies have been added to the SECURE function:
| ||secure||secure usage of the SECURE function from changes. This is important, because otherwise any program can change security to whatever it wants.
| ||protect||secure the PROTECT function that protects values, series, objects, and hiding.
| ||debug||secure the TRACE and STACK debugging functions.
secure [secure quit]
will protect your code from changes in security. (Note that not even your own program can change security after that... which is actually the way you want it to work.)
It is likely that there are a few other enhancements needed. One we need for sure is the security requestor (popup) to request changes to security (the ASK action.)
See the SECURE function for details.
Does SECURE protect secure all uses of the PROTECT and UNPROTECT functions, or just for locked stuff? I noticed that you reviewed the SECURE protect ticket in CureCode (#1143), but not yet the tickets that described what SECURE protect was supposed to secure (#1141 and #1142).|
How is it ensured that secure was not altered in a violant way before my code is reached?
IMO we need something like secure/changed?|
Brian: currently, all uses. But, we can go from here.
Robert: in theory, SECURE cannot be modified. It is defined in such a way that it alone has access to the system security policies object. If you redefine it, the new function cannot access that object.
I'd like to see /deny [url! file!] /only [url! file!] options to be added.
this would tell scripts to only operate under specific roots which you allow or deny.
useful when writing crawlers and you want to make sure where it goes (or doesn't).
also usefull for admins to limit damage scripts can do in an office environment.
example... limiting the writes to home dir.
Post a Comment:
You can post a comment here. Keep it on-topic.