REBOL 3.0

Comments on: SECURE secure, debug, and protect

Carl Sassenrath, CTO
REBOL Technologies
5-Aug-2009 18:10 GMT

Article #0228
Main page || Index || Prior Article [0227] || Next Article [0229] || 4 Comments || Send feedback

These policies have been added to the SECURE function:

 securesecure usage of the SECURE function from changes. This is important, because otherwise any program can change security to whatever it wants.
 protectsecure the PROTECT function that protects values, series, objects, and hiding.
 debugsecure the TRACE and STACK debugging functions.

For example:

secure [secure quit]

will protect your code from changes in security. (Note that not even your own program can change security after that... which is actually the way you want it to work.)

It is likely that there are a few other enhancements needed. One we need for sure is the security requestor (popup) to request changes to security (the ASK action.)

See the SECURE function for details.

4 Comments

Comments:

Brian Hawley
5-Aug-2009 16:25:41
Does SECURE protect secure all uses of the PROTECT and UNPROTECT functions, or just for locked stuff? I noticed that you reviewed the SECURE protect ticket in CureCode (#1143), but not yet the tickets that described what SECURE protect was supposed to secure (#1141 and #1142).
Robert
9-Aug-2009 8:58:32
How is it ensured that secure was not altered in a violant way before my code is reached? IMO we need something like secure/changed?
Carl Sassenrath
9-Aug-2009 21:34:53
Brian: currently, all uses. But, we can go from here.

Robert: in theory, SECURE cannot be modified. It is defined in such a way that it alone has access to the system security policies object. If you redefine it, the new function cannot access that object.

Maxim Olivier-Adlhoch
10-Aug-2009 0:12:17
I'd like to see /deny [url! file!] /only [url! file!] options to be added.

this would tell scripts to only operate under specific roots which you allow or deny.

useful when writing crawlers and you want to make sure where it goes (or doesn't).

also usefull for admins to limit damage scripts can do in an office environment.

example... limiting the writes to home dir.

Post a Comment:

You can post a comment here. Keep it on-topic.

Name:

Blog id:

R3-0228


Comment:


 Note: HTML tags allowed for: b i u li ol ul font span div a p br pre tt blockquote
 
 

This is a technical blog related to the above topic. We reserve the right to remove comments that are off-topic, irrelevant links, advertisements, spams, personal attacks, politics, religion, etc.

REBOL 3.0
Updated 22-Jul-2017 - Edit - Copyright REBOL Technologies - REBOL.net