Comments on: Too much security on non-Windows releases
With the release of A87 on OS X and Linux, a little problem pops up:
carl@ubuntu: ./r3 test.r
...
Evaluating: test.r
** Access error: security violation: %../test.r
...
Well, that's the ultimate security, isn't it? You don't get to run anything. This of course is a bug. You should be able to run your scripts from the command line arguments.
The work-around for your own trusted scripts is to use the -s option:
carl@ubuntu: ./r3 -s test.r
You can add back some security in your rebol.r file with a line like:
secure [file quit %./ allow]
We'll research the problem and get this fixed, hopefully by the next release.
3 Comments Comments:
Brian Hawley 7-Oct-2009 17:13:30 |
Already fixed 2 weeks ago in DevBase. Guess you've been busy with native code. Please review the submissions and include them in the next release. | Carl Sassenrath 9-Oct-2009 0:29:47 |
Thanks Brian... yes, been "parse crazy". Will grab them. | Carl Sassenrath 10-Oct-2009 23:39:56 |
I only see a single line change in mezz-intrinsics.r -- and that's a fix I've already made in A87 (differently, due to parsing of the args to be R2 compatible.)
I'll research this a bit more before doing the A88 builds for Linux and OS X. It's not immediately clear, but could be related to startup directories or such settings. |
Post a Comment:
You can post a comment here. Keep it on-topic.
|