I'm curious if the swift repl has hooks for embedding and sandboxing.
I'd like to statically compile the swift repl, link it into other code, and
then disable write access to the filesystem, for example.
Could someone point me to the API functions or configuration settings that
would let me sandbox or limit the reach of the repl?
Thank you.
Jason
Since Swift allows you to trivially call out to C, even if such functions were available in Swift it wouldn't be sufficient. Instead you should look at running Swift under a security policy like sandbox (on Darwin) or apparmor/selinux/grsecurity (on Linux).
Alex
On 1 Mar 2017, at 16:54, Jason E. Aten via swift-dev <swift-dev@swift.org> wrote:
I'm curious if the swift repl has hooks for embedding and sandboxing.
I'd like to statically compile the swift repl, link it into other code, and then disable write access to the filesystem, for example.
Could someone point me to the API functions or configuration settings that would let me sandbox or limit the reach of the repl?