[CM] S7 integrated in TIC-80, and bug reports
bil at ccrma.Stanford.EDU
bil at ccrma.Stanford.EDU
Fri Feb 3 05:32:02 PST 2023
Do you need to disallow reading a file? If it's just
creating or altering a file that needs to be blocked,
you could redirect fopen and fwrite (in s7.c) to
functions that raise an error. I don't think s7 uses
creat, open (except with O_RDONLY), or write. Also
build it with WITH_C_LOADER=0 (to disallow dynamic
loading of C object code), and maybe WITH_SYSTEM_EXTRAS=0.
Hmmm... as I type this, this seems interesting --
maybe I'll tackle it later today. It might be
equally easy to disallow reading a file -- fread etc.
Oh, and for fopen, check the mode doesn't have "w" or "x"
or whatever else might change a file. I'm probably
forgetting something obvious.
(There's also the sandbox procedure in stuff.scm, but
it's been years since I looked at it).
More information about the Cmdist
mailing list