Added `sandbox-exit-handler' to control the exit handler

svn: r12654
Eli Barzilay 2008-11-30 21:44:47 +00:00
parent 224462a3f5
commit 8905cc86e5
2 changed files with 14 additions and 2 deletions


@ -15,8 +15,9 @@
sandbox-coverage-enabled
sandbox-namespace-specs
sandbox-override-collection-paths
sandbox-security-guard
sandbox-path-permissions
sandbox-security-guard
sandbox-exit-handler
sandbox-network-guard
sandbox-make-inspector
sandbox-make-logger
@ -138,6 +139,11 @@
(define sandbox-security-guard (make-parameter default-sandbox-guard))
(define (default-sandbox-exit-handler _)
(error 'exit "sandboxed code cannot exit"))
(define sandbox-exit-handler (make-parameter default-sandbox-exit-handler))
(define sandbox-make-inspector (make-parameter make-inspector))
(define sandbox-make-logger (make-parameter current-logger))
@ -594,7 +600,7 @@
[current-command-line-arguments '#()]
;; restrict the sandbox context from this point
[current-security-guard (sandbox-security-guard)]
[exit-handler (lambda x (error 'exit "user code cannot exit"))]
[exit-handler (sandbox-exit-handler)]
[current-inspector ((sandbox-make-inspector))]
[current-logger ((sandbox-make-logger))]
;; This breaks because we need to load some libraries that are trusted
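Review bot: `sandbox-exit-handler` is created with a bare `make-parameter`, so nothing checks the value when it is set, and the definition carries no comment saying that this parameter is now the only thing that stops sandboxed code from reaching a real exit. The handler is read once, at `[exit-handler (sandbox-exit-handler)]`, so a non-procedure or wrong-arity value would surface only when an evaluator is built. A handler that calls the process-level exit would also let evaluated code terminate the host. I would add a guard, for example `(make-parameter default-sandbox-exit-handler (lambda (h) (if (and (procedure? h) (procedure-arity-includes? h 1)) h (raise-type-error 'sandbox-exit-handler "procedure of arity 1" h))))`. I would also put a comment above the definition such as `;; security-relevant: the value is captured when the evaluator is created; a handler that really exits lets sandboxed code stop the host process`. The parameterization that installs the handler starts and ends outside the third hunk, so where the handler actually runs (presumably in the sandboxed thread, under the sandbox security guard) should be confirmed against the full file.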


@ -448,6 +448,12 @@ collection libraries (including
@scheme[make-evalautor] for more information.}
@defparam[sandbox-exit-handler handler (any/c . -> . any)]{
A parameter that determines the initial @scheme[(exit-handler)] for
sandboxed evaluations. The default handler simply throws an error.}
@defparam[sandbox-network-guard proc
(symbol?
(or/c (and/c string? immutable?) #f)