Added `sandbox-exit-handler' to control the exit handler

svn: r12654
2008-11-30 21:44:47 +00:00 · 2008-11-30 21:44:47 +00:00 · 8905cc86e5
commit 8905cc86e5
parent 224462a3f5
2 changed files with 14 additions and 2 deletions
--- a/collects/scheme/sandbox.ss
+++ b/collects/scheme/sandbox.ss
@ -15,8 +15,9 @@
         sandbox-coverage-enabled
         sandbox-namespace-specs
         sandbox-override-collection-paths
-         sandbox-security-guard
         sandbox-path-permissions
+         sandbox-security-guard
+         sandbox-exit-handler
         sandbox-network-guard
         sandbox-make-inspector
         sandbox-make-logger
@ -138,6 +139,11 @@

 (define sandbox-security-guard (make-parameter default-sandbox-guard))

+(define (default-sandbox-exit-handler _)
+  (error 'exit "sandboxed code cannot exit"))
+
+(define sandbox-exit-handler (make-parameter default-sandbox-exit-handler))
+
 (define sandbox-make-inspector (make-parameter make-inspector))

 (define sandbox-make-logger (make-parameter current-logger))
@ -594,7 +600,7 @@
    [current-command-line-arguments '#()]
    ;; restrict the sandbox context from this point
    [current-security-guard (sandbox-security-guard)]
-    [exit-handler (lambda x (error 'exit "user code cannot exit"))]
+    [exit-handler (sandbox-exit-handler)]
    [current-inspector ((sandbox-make-inspector))]
    [current-logger ((sandbox-make-logger))]
    ;; This breaks because we need to load some libraries that are trusted
--- a/collects/scribblings/reference/sandbox.scrbl
+++ b/collects/scribblings/reference/sandbox.scrbl
@ -448,6 +448,12 @@ collection libraries (including
@scheme[make-evalautor] for more information.}


+@defparam[sandbox-exit-handler handler (any/c . -> . any)]{
+
+A parameter that determines the initial @scheme[(exit-handler)] for
+sandboxed evaluations.  The default handler simply throws an error.}
+
+
@defparam[sandbox-network-guard proc
          (symbol?
           (or/c (and/c string? immutable?) #f)