[Xotcl] Re: Safe interp for xotcl

Jeff Hobbs jeffh at ActiveState.com
Mon Apr 4 22:23:10 CEST 2005


Ben Thomasson wrote:
> Considering there is a safe interp in Tcl, there should be 
> extensive unit testing that can be run in regression to make 
> sure any new functionality like this does not break the 
> security model.  Does Tcl have regression tests (tcltest or 
> other) that exercise the ability of safe interp to stop 

Yes, Tcl has testing for its core safe functionality, as does Tk.

> dangerous code?  If there is, then these tests could be run 
> in at least Object eval to whether this simple
> approach would work.  If not, there should be.   Or is the 
> security model based
> on proving the safety of an interp by analysis of the code?  
> If you take this second approach then much more work must be 
> done before xotcl includes this code for the safe interp.

The point is that xotcl could expose its own set of unsafe
functionality - like a completely alternative FS API.  How
would that ever be covered by the Tcl test suite?

> ps ( In open source projects, is it the person who comes up 
> with the idea who is the person to implement it?  Dang. )

You betcha - you're hired!  ;)  I don't think it is actually
that much work in xotcl's case, I'm just saying that it should
not be rubber-stamped.

Jeff
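
One way to cover the gap discussed above, as an added example that is not part of the original message and is not XOTcl's or Tcl's own test code: a tcltest case that diffs the commands visible in a safe interp before and after an extension's safe initialisation and reports any that are not on a reviewed list. `fakeExtensionSafeInit`, `ext_create`, `ext_readfile` and the `reviewed` list are constructed stand-ins; a real test would load the extension into the safe interp instead.

```tcl
package require Tcl 8.5
package require tcltest 2
namespace import ::tcltest::test

# Sorted list of global commands visible inside interp $i.
proc visibleCommands {i} {
    return [lsort [interp eval $i {info commands}]]
}

# Commands present in $after but not in $before.
proc addedCommands {before after} {
    set added {}
    foreach c $after {
        if {$c ni $before} { lappend added $c }
    }
    return $added
}

# Constructed stand-in for an extension's safe init (hypothetical names).
# It exposes one reviewed command and one file-access style command that
# nobody has reviewed. Both are aliased to [list] so nothing is touched.
proc fakeExtensionSafeInit {i} {
    interp alias $i ext_create   {} list
    interp alias $i ext_readfile {} list
}

# Commands a reviewer has explicitly approved for safe interps (assumption).
set reviewed {ext_create}

test safe-ext-1.1 {extension adds only reviewed commands to a safe interp} -setup {
    set i [interp create -safe]
    set before [visibleCommands $i]
    fakeExtensionSafeInit $i
} -body {
    set unreviewed {}
    foreach c [addedCommands $before [visibleCommands $i]] {
        if {$c ni $::reviewed} { lappend unreviewed $c }
    }
    set unreviewed
} -cleanup {
    interp delete $i
} -result {}

::tcltest::cleanupTests
```

With the stand-in above the test fails and reports `ext_readfile`, which is the intended signal: a new command reached the safe interp without review. The list only records that a command was looked at; each entry still needs its own behavioural tests inside the safe interp.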


