28 lines
986 B
Plaintext
28 lines
986 B
Plaintext
|
Forth Sandbox -*-org-*-
|
||
|
|
||
|
Date: 2011-11-04
|
||
|
|
||
|
A project I think I'll put on a front burner soon is my web-based
|
||
|
Forth programming environment. I've had a prototype[1] online for
|
||
|
several months, and it's already been handy.
|
||
|
|
||
|
Since the purpose is to execute arbitrary code from arbitrary
|
||
|
programmers, security is big concern and should be developed in
|
||
|
parallel with primary functionality. (The interface is currently
|
||
|
secured with HTTP basic authentication, but that will not be
|
||
|
sufficient when made publicly available.)
|
||
|
|
||
|
I have so far identified three technologies I may use to provide
|
||
|
security (probably in combination).
|
||
|
|
||
|
1. wordlists can block access to problematic words within the Forth
|
||
|
environment.
|
||
|
|
||
|
2. Plash is a user program that creates a restricted sandbox
|
||
|
environment and executes a specified program in the sandbos
|
||
|
|
||
|
3. Host the program in an isolated virtual server (VPS).
|
||
|
|
||
|
|
||
|
[1]: <http://papa.sdf.org/papa/cgi-bin/gforth.cgi>
|