Fix for `make-module-evaluator' with a file.
It used to work, but now it fails since when it runs "/foo/bar/baz.rkt" racket uses 'exists with "/foo/bar". See the comment for the fix that I used.
This commit is contained in:
parent
7ad7857ce2
commit
515c8dc6c1
|
@ -210,7 +210,16 @@
|
|||
|
||||
(define (compute-permissions paths+require-perms)
|
||||
(define-values [paths require-perms] (partition path? paths+require-perms))
|
||||
(append (map (lambda (p) `(read ,(path->bytes p))) paths)
|
||||
(define cpaths (map path->complete-path paths))
|
||||
(append (map (lambda (p) `(read ,(path->bytes p))) cpaths)
|
||||
;; when reading a file from "/foo/bar/baz.rkt" racket will try to see
|
||||
;; if "/foo/bar" exists, so allow these paths too; it might be needed
|
||||
;; to allow 'exists on any parent path, but I'm not sure that this is
|
||||
;; safe in terms of security, so put just the immediate parent dir in
|
||||
(filter-map (lambda (p)
|
||||
(let ([p (and (file-exists? p) (path-only p))])
|
||||
(and p `(exists ,(path->bytes p)))))
|
||||
cpaths)
|
||||
(module-specs->path-permissions require-perms)))
|
||||
|
||||
;; computes permissions that are needed for require specs (`read-bytecode' for
|
||||
|
|
|
@ -312,6 +312,15 @@
|
|||
(lambda ()
|
||||
(printf "~s\n" '(module sandbox-test racket/base
|
||||
(define x 123) (provide x)))))
|
||||
;; run it
|
||||
(make-module-evaluator! (string->path test-lib))
|
||||
--eval--
|
||||
x => 123
|
||||
(length (with-input-from-file ,test-lib read)) => 5
|
||||
;; the directory is still not kosher
|
||||
(directory-list ,tmp) =err> "`read' access denied"
|
||||
--top--
|
||||
;; require it
|
||||
(make-base-evaluator/reqs! `(,test-lib))
|
||||
--eval--
|
||||
x => 123
|
||||
|
|
Loading…
Reference in New Issue
Block a user