"back doors" into the IO monad

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

"back doors" into the IO monad

Manlio Perillo-3
Hi.

What are the available methods to execute IO actions from pure code?

I know only unsafePerformIO and foreign import (to call a non pure
foreign function).


Assuming I want to execute external untrusted code using plugins (via
the `plugins` package), is it possible to completely forbid execution of
IO actions from user code?



Thanks   Manlio
_______________________________________________
Haskell-Cafe mailing list
[hidden email]
http://www.haskell.org/mailman/listinfo/haskell-cafe
Reply | Threaded
Open this post in threaded view
|

Re: "back doors" into the IO monad

Claude Heiland-Allen
On 23/10/10 23:28, Manlio Perillo wrote:

> Hi.
>
> What are the available methods to execute IO actions from pure code?
>
> I know only unsafePerformIO and foreign import (to call a non pure
> foreign function).
>
>
> Assuming I want to execute external untrusted code using plugins (via
> the `plugins` package), is it possible to completely forbid execution of
> IO actions from user code?

Even pure code can cause denial of service through huge memory
consumption or infinite loop.  Perhaps it would be wise to look at how
'lambdabot'/'mueval' work, using OS-level security limits to restrict
amount of memory and time that can be used by untrusted code (which
already has had its IO priviledges revoked, see their source codes for
details).

> Thanks   Manlio


Claude
_______________________________________________
Haskell-Cafe mailing list
[hidden email]
http://www.haskell.org/mailman/listinfo/haskell-cafe
Reply | Threaded
Open this post in threaded view
|

Re: "back doors" into the IO monad

Nicolas Pouillard-2
In reply to this post by Manlio Perillo-3
On Sun, 24 Oct 2010 00:28:37 +0200, Manlio Perillo <[hidden email]> wrote:
> Hi.
>
> What are the available methods to execute IO actions from pure code?
>
> I know only unsafePerformIO and foreign import (to call a non pure
> foreign function).

unsafeCoerce is a back door for almost everything.

--
Nicolas Pouillard
http://nicolaspouillard.fr
_______________________________________________
Haskell-Cafe mailing list
[hidden email]
http://www.haskell.org/mailman/listinfo/haskell-cafe
Reply | Threaded
Open this post in threaded view
|

Re: "back doors" into the IO monad

Gwern Branwen
On Sun, Oct 24, 2010 at 10:22 AM, Nicolas Pouillard
<[hidden email]> wrote:

> On Sun, 24 Oct 2010 00:28:37 +0200, Manlio Perillo <[hidden email]> wrote:
>> Hi.
>>
>> What are the available methods to execute IO actions from pure code?
>>
>> I know only unsafePerformIO and foreign import (to call a non pure
>> foreign function).
>
> unsafeCoerce is a back door for almost everything.
>

The mueval tests also include this fun example: 'runST (unsafeIOToST
(readFile "/etc/passwd"))'

--
gwern
http://www.gwern.net/
_______________________________________________
Haskell-Cafe mailing list
[hidden email]
http://www.haskell.org/mailman/listinfo/haskell-cafe