[Openmcl-devel] modify lisp reader such that :: is disallowed
Ron Garret
ron at awun.net
Thu Jun 11 08:56:58 PDT 2009
On Jun 11, 2009, at 8:09 AM, Taoufik Dachraoui wrote:
> Hi
>
> Users will not have access to intern, find-package, ...
>
> I implemented a loader that exports public symbols and shadow unwanted
> symbols
> so that users will not be able to use any private or shadowed symbols.
>
> the only problem I am facing today (as far as I can see right now)
> is to
> disallow users to access non exported symbols by using the double
> colons (::)
>
The "as far as I can see right now" is a very important disclaimer.
The main problem with security is that there's a very big gap between
appearing to be secure and actually being secure. People make careers
out of bridging that gap, and still very often they get it wrong. Not
that I really want to discourage you -- it's good that you're being
ambitious, but it's important that you understand the magnitude of the
problem you are attempting to solve.
> I tried to use set-macro-character and set-dispatch-macro-character
> but failed, and
> the reason is that the lisp reader as soon as it finds a macro-
> character the previously
> read word will be considered as a token and there is no way to
> rollback.
Why is that a problem?
Is there a reason you don't just pre-process the string to remove all
colons before reading it? Or simply reject any string containing
colons?
rg
More information about the Openmcl-devel
mailing list