[Haskell-cafe] Re: ANN: diagrams 0.2
Gwern Branwen
gwern0 at gmail.com
Fri Feb 6 13:34:30 EST 2009
On Fri, Feb 6, 2009 at 1:13 PM, Chaddaï Fouché <chaddai.fouche at gmail.com> wrote:
> On Wed, Feb 4, 2009 at 4:56 PM, Gwern Branwen <gwern0 at gmail.com> wrote:
>>
>> Now, to implement it, I would probably say to myself, "well, we'll
>> create a temporary file, we'll write some basic imports into it, then
>> we'll write the user's expression into it as the definition of a
>> function 'foo', and main will be defined as 'main = renderFile foo'.
>> Then we use 'runhaskell' on the temporary file to create the picture,
>> delete the temp file, and bob's your uncle."
>>
>> Except of course there's nothing to prevent DoS attacks or other
>> exploits in the arbitrary code. So do we accept this and say that this
>> is a plugin one uses at one's own risk?
>
> Hackage contains some packages for that sandboxing, like mueval which
> is now used by lambdabot on #haskell I believe.
Yes, I'm familiar with mueval, but it may not be the right approach in
this case (quite aside from the fact that a fair number of changes
would be necessary). See my comment on the Pandoc issue:
http://code.google.com/p/pandoc/issues/detail?id=102#c9
--
gwern
More information about the Haskell-Cafe
mailing list