Untrusted environment: Difference between revisions

Added REXX
Line 60:
</lang>
The idea is that a default sandbox is suitable for running arbitrary code without any of the usual risks. The library can also be used with many different configurations, to lift some of the restriction, which is more fitting in different cases.
 
=={{header|REXX}}==
Details for Regina REXX.
 
REXX is designed to assist in system scripting. Normally any command that is not a REXX instruction or user added command is passed to the operating system ''or default ADDRESS'' for evaluation.
 
Regina includes a RESTRICTED mode. This disables
 
* LINEOUT, CHAROUT, POPEN, RXFUNCADD BIFs
* "OPEN WRITE", "OPEN BOTH" subcommands of STREAM BIF
* The "built-in" environments eg. SYSTEM, CMD or PATH of ADDRESS command
* Setting the value of a variable in the external environment with VALUE BIF.
* Calling external functions
 
This mode is started from the command line with the <tt>-r</tt> option. When embedding Regina for use with application scripting the <tt>RexsStart</tt> API can have the <tt>RXRESTRICTED</tt> bit set in the <tt>CallType</tt> field.
 
By the way, BIF is short for Built In Function.
 
For example, given ''cat.rexx'':
 
<lang rexx>ADDRESS SYSTEM 'cat cat.rexx'</lang>
 
{{out}}
<pre>
prompt$ regina cat.rexx
ADDRESS SYSTEM 'cat cat.rexx'
prompt$ regina -r cat.rexx
1 +++ ADDRESS SYSTEM 'cat cat.rexx'
Error 95 running "/home/user/lang/rexx/cat.rexx", line 1: [Restricted feature used in "safe" mode]
Error 95.5: [Running external commands invalid in "safe" mode]
</pre>
 
=={{header|Ruby}}==
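Review bot: In the sentence on embedding Regina, the API name is written <tt>RexsStart</tt>; the Regina/SAA entry point is spelled RexxStart, so the markup should read <tt>RexxStart</tt>, otherwise readers searching the headers for it will find nothing. Two smaller points in the same section: "BIF" is used four times in the bullet list before "By the way, BIF is short for Built In Function" defines it, so expand the abbreviation at first use (for example on the "LINEOUT, CHAROUT, POPEN, RXFUNCADD BIFs" line) and drop the trailing aside; and "eg." in the ADDRESS bullet should be "e.g.". It would also help to state next to the <tt>-r</tt> sentence that the restriction list covers writes and external commands only, since nothing in the list mentions reading files and a reader may otherwise assume the mode is a full sandbox.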