Re: Languages (was Re: Forms support in clients)

Nathaniel Borenstein (
Wed, 28 Sep 1994 12:02:52 -0400 (EDT)

Excerpts from www-talk: 28-Sep-94 Languages (was Re: Forms su.. Brian
Behlendorf@wired.c (3700*)

> Instead,
> why not create a safe-environment-shell, in which a script in *any* language
> that the client can understand can run, and when it attempts to do something
> labeled as unsafe, the user is prompted for validation (or gives his consent
> on certain actions by default). I doesn't seem like it would be too
> difficult to create this shell, though I don't know what the performance
> hit would be like.

It would be *very* difficult, actually. There have been lots of
attempts to do this sort of thing. It's really hard to come up with a
reliable list of safe or unsafe actions, and even harder to come up with
a hole-free implementation. This sounds easy conceptually, but in
practice it is fraught with peril and complications...... It is
sufficiently hard to even build a safe language that building a safe
shell-like environment may be pretty near impossible in practice. --