Stefan O'Rear wrote:
On Sat, May 26, 2007 at 07:41:19PM +0100, Andrew Coppin wrote:
Donald Bruce Stewart wrote:
The #haskell people have been working on this for about 3 years now. The result is the 'runplugs' program, which I've talked about in previous mails.
http://www.cse.unsw.edu.au/~dons/code/lambdabot/scripts/RunPlugs.hs
It uses hs-plugins for the evaluation, along with the points about IO prevention via type checking, resource limits controlled by the OS, language extension preventions, and a trusted (audited) module base.
The security mechanisms were briefly described in the 2004 hs-plugins paper, if I recall, but otherwise, I don't think we've documented the techniques. Maybe we should, as many issues have been encountered over the years, further and further constraining the kinds of things that are allowed.
For me, the unfortunate thing is that there seems to be no interpreter for Haskell written in Haskell. (Except for GHC, which is *huge*.) We
Actually, there exists no interpreter for Haskell. Period.
Historical note: the first implementation of GHCi (by Alastair Reid) was a pure interpreter, IIRC. The second implementation, which was the predecessor to the current implementation, was also a pure interpreter, but we rewrote it to use a bytecode compiler/interpreter before it was ever released. The development history is all in darcs, if you care to take a look.. Cheers, Simon