From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78]) by yquem.inria.fr (Postfix) with ESMTP id 18AB9BC48 for ; Mon, 21 Mar 2005 00:24:29 +0100 (CET) Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35]) by nez-perce.inria.fr (8.13.0/8.13.0) with ESMTP id j2KNOSqt019756 for ; Mon, 21 Mar 2005 00:24:28 +0100 Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id AAA05389 for ; Mon, 21 Mar 2005 00:24:27 +0100 (MET) Received: from kurims.kurims.kyoto-u.ac.jp (kurims.kurims.kyoto-u.ac.jp [130.54.16.1]) by concorde.inria.fr (8.13.0/8.13.0) with ESMTP id j2KNOP1r017152 for ; Mon, 21 Mar 2005 00:24:27 +0100 Received: from localhost (suiren [130.54.16.25]) by kurims.kurims.kyoto-u.ac.jp (8.13.1/8.13.1) with ESMTP id j2KNOOLl024225; Mon, 21 Mar 2005 08:24:24 +0900 (JST) Date: Mon, 21 Mar 2005 08:24:17 +0900 (JST) Message-Id: <20050321.082417.106309019.garrigue@math.nagoya-u.ac.jp> To: szegedy@t-online.de Cc: caml-list@inria.fr Subject: Re: [Caml-list] Sandboxing in ocaml From: Jacques Garrigue In-Reply-To: <423DF6DA.3090800@t-online.de> References: <423CB1BB.5080906@t-online.de> <20050320.085649.30145338.garrigue@math.nagoya-u.ac.jp> <423DF6DA.3090800@t-online.de> X-Mailer: Mew version 4.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Miltered: at nez-perce with ID 423E062C.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Miltered: at concorde with ID 423E0629.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Spam: no; 0.00; caml-list:01 ocaml:01 dynlink:01 pervasives:01 compile:01 functions:01 jacques:01 jacques:01 mmm:02 unit:02 unit:02 linking:03 garrigue:03 garrigue:03 compiled:04 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on yquem.inria.fr X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=disabled version=3.0.2 X-Spam-Level: From: Christian Szegedy > >This is the intent of Dynlink.allow_only. > >Not however that allowing is done on a unit base, so if you want to > >allow only some functions in a unit, you must create a new one > >containing only those, and compile your file against those (otherwise you > >won't be able to load it). > >This is the way MMM applets are made safe. > Excellent! This sounds exactly what I want. Can I forbid > the Pervasives unit while linking the applet? Sure: just omit it from the allowed units. The applet should then be compiled with the -nopervasives option. Jacques Garrigue