Archaic Code Contest in Common Lisp

Discussion of Common Lisp

Re: Archaic Code Contest in Common Lisp

Postby findinglisp » Tue May 05, 2009 4:38 pm

You could also write a meta-interpreter in CL for the limited subset defined in the original paper in about 5 minutes and just have people use the interpreter. From there, sure, everybody could recreate CLOS if they really wanted to, but it would take them a while.

BTW, why the requirement for things to be so secure? If it's just a contest for fun, can you not rely on people to adhere to the rules without having to jump through hoops to prevent cheating? Or maybe I'm misunderstanding the point of the exercise. I mean, if there's $1M hanging on this, or something, then yea, I suppose you need to take steps to prevent cheating. If it's only for your own personal self-worth, you'd have to have pretty low self-worth to cheat your way toward self-worth. :)
Cheers, Dave
Slowly but surely the world is finding Lisp. http://www.findinglisp.com/blog/
findinglisp
 
Posts: 440
Joined: Sat Jun 28, 2008 7:49 am
Location: Austin, TX

Re: Archaic Code Contest in Common Lisp

Postby Kohath » Thu May 07, 2009 8:57 pm

As an idea for a secure interpreter, how about create a checking program/function/macro that checks to see if the submitted code contains any 'non-secure' function/macro calls? That might :?: be easier than trying to saw off big chunks of lisp.
User avatar
Kohath
 
Posts: 50
Joined: Mon Jul 07, 2008 8:06 pm
Location: Brisbane, Queensland, Australia

Re: Archaic Code Contest in Common Lisp

Postby gugamilare » Fri May 08, 2009 7:08 am

Kohath wrote:As an idea for a secure interpreter, how about create a checking program/function/macro that checks to see if the submitted code contains any 'non-secure' function/macro calls? That might :?: be easier than trying to saw off big chunks of lisp.


Not as simple, you will need to implement a code walker, or use Arnesi's. Well, ok, using Arnesi's code walker seems quite easy. But I believe it is much easier to create a package and only put allowed functions in the package.
gugamilare
 
Posts: 406
Joined: Sat Mar 07, 2009 6:17 pm
Location: Brazil

Re: Archaic Code Contest in Common Lisp

Postby dmitry_vk » Fri May 08, 2009 8:43 am

Kohath wrote:As an idea for a secure interpreter, how about create a checking program/function/macro that checks to see if the submitted code contains any 'non-secure' function/macro calls? That might :?: be easier than trying to saw off big chunks of lisp.

How about that?
Code: Select all
(let ((x "SOME-UNAUTHORIZED-FUNCTION"))
  (funcall (symbol-function (find-symbol x))))
dmitry_vk
 
Posts: 96
Joined: Sat Jun 28, 2008 8:01 am
Location: Russia, Kazan

Re: Archaic Code Contest in Common Lisp

Postby gugamilare » Fri May 08, 2009 1:11 pm

dmitry_vk wrote:
Kohath wrote:As an idea for a secure interpreter, how about create a checking program/function/macro that checks to see if the submitted code contains any 'non-secure' function/macro calls? That might :?: be easier than trying to saw off big chunks of lisp.

How about that?
Code: Select all
(let ((x "SOME-UNAUTHORIZED-FUNCTION"))
  (funcall (symbol-function (find-symbol x))))


You are assuming that symbol-function and find-symbol are gonna be allowed by the checking program.

Anyway, using packages, it is easy: only change the package to safe package before loading a file:

Code: Select all
(defpackage :safe-package-functions
  (:use :whatever :cl)
  (:export #:1+ #:1- #:zerop #:defun #:cons #:car #:cdr))

(defpackage :safe-package
  (:use :safe-package-functions))


The only way to call the function find-symbol is to write explicitly cl:find-symbol, therefore using symbols of another package. A simple use of cl-ppcre on the file (scan something that matches either \w:\w or \w::\w) will make sure that does not happen.
gugamilare
 
Posts: 406
Joined: Sat Mar 07, 2009 6:17 pm
Location: Brazil

Previous

Return to Common Lisp

Who is online

Users browsing this forum: Bing [Bot] and 1 guest