More restricted execution silly ideas
Sat Jun 14 02:45:33 CEST 2003
I had another thought on implementing a restricted execution environment for
untrusted erlang code:
How about, instead of trying to lock down an erlang virtual machine, instead
putting the erlang code presented through a cleanser which pulls out any
functions which are regarded as unsafe?
Code which doesn't refer to anything unwanted passes through and is executed
without a murmur. The rest is hacked up, probably won't even compile, and
is left to bleed, or returned without running?
Or simply specify a limited set of functionality, and inspect incoming code
I suspect this might be easier than hacking up OTP and erlang.
More information about the erlang-questions