<div dir="ltr">I think it would be a good idea in another context. I think that forbidding IO completely is better aligned with the intentional use of the TIC-80 which is meant to be a fantasy console. The scheme code runs directly on the fictionnal hardware (a bit like your assembly would run from a NES cartridge). There shouldn&#39;t be any persistent file systems / storage accessible to users using that premise. </div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Feb 3, 2023 at 1:23 PM Massimiliano Gubinelli &lt;<a href="mailto:m.gubinelli@gmail.com">m.gubinelli@gmail.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>What about implementing a fake filesystem instead of allowing s7 to access the real one? In this way it will be effectively sandboxed. This is the approach used by emscripten to have ports work in webasm.<div><br></div><div>Max</div><div><br><div><br><blockquote type="cite"><div>On 3 Feb 2023, at 13:43, David St-Hilaire &lt;<a href="mailto:sthilaire.david@gmail.com" target="_blank">sthilaire.david@gmail.com</a>&gt; wrote:</div><br><div><div dir="ltr" style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">I think it&#39;s mostly writing to files that is dangerous but disabling reading would be important too, if not only for forbidding &quot;breaking&quot; the fantasy console barriers. I looked at doing some changes but I was really not sure how to do it properly. If you would be generous enough to do the needed changes, it would be really amazing!<div><br></div><div>Thank you so much for your help!</div></div><br style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><div class="gmail_quote" style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><div dir="ltr" class="gmail_attr">On Fri, Feb 3, 2023 at 8:32 AM &lt;<a href="mailto:bil@ccrma.stanford.edu" target="_blank">bil@ccrma.stanford.edu</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Do you need to disallow reading a file?  If it&#39;s just<br>creating or altering a file that needs to be blocked,<br>you could redirect fopen and fwrite (in s7.c) to<br>functions that raise an error.  I don&#39;t think s7 uses<br>creat, open (except with O_RDONLY), or write.  Also<br>build it with WITH_C_LOADER=0 (to disallow dynamic<br>loading of C object code), and maybe WITH_SYSTEM_EXTRAS=0.<br>Hmmm... as I type this, this seems interesting --<br>maybe I&#39;ll tackle it later today.  It might be<br>equally easy to disallow reading a file -- fread etc.<br>Oh, and for fopen, check the mode doesn&#39;t have &quot;w&quot; or &quot;x&quot;<br>or whatever else might change a file.  I&#39;m probably<br>forgetting something obvious.<br><br>(There&#39;s also the sandbox procedure in stuff.scm, but<br>it&#39;s been years since I looked at it).<br><br><br></blockquote></div><br clear="all" style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><div style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><br></div><span style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">--<span> </span></span><br style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><div dir="ltr" style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">David</div><span style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">_______________________________________________</span><br style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><span style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;float:none;display:inline">Cmdist mailing list</span><br style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><a href="mailto:Cmdist@ccrma.stanford.edu" style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">Cmdist@ccrma.stanford.edu</a><br style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><a href="https://cm-mail.stanford.edu/mailman/listinfo/cmdist" style="font-family:HelveticaNeue;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" target="_blank">https://cm-mail.stanford.edu/mailman/listinfo/cmdist</a></div></blockquote></div><br></div></div></blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">David</div>