[Haskell-cafe] "back doors" into the IO monad
Claude Heiland-Allen
claudiusmaximus at goto10.org
Sat Oct 23 18:44:46 EDT 2010
On 23/10/10 23:28, Manlio Perillo wrote:
> Hi.
>
> What are the available methods to execute IO actions from pure code?
>
> I know only unsafePerformIO and foreign import (to call a non pure
> foreign function).
>
>
> Assuming I want to execute external untrusted code using plugins (via
> the `plugins` package), is it possible to completely forbid execution of
> IO actions from user code?
Even pure code can cause denial of service through huge memory
consumption or infinite loop. Perhaps it would be wise to look at how
'lambdabot'/'mueval' work, using OS-level security limits to restrict
amount of memory and time that can be used by untrusted code (which
already has had its IO priviledges revoked, see their source codes for
details).
> Thanks Manlio
Claude
More information about the Haskell-Cafe
mailing list