62 lines
2.5 KiB
Racket
62 lines
2.5 KiB
Racket
#lang scribble/doc
|
|
@(require "mz.ss")
|
|
|
|
@title[#:tag "modprotect"]{Code Inspectors}
|
|
|
|
In the same way that inspectors control access to structure fields
|
|
(see @secref["inspectors"]), inspectors also control access to
|
|
@tech{module bindings}. The default inspector for @tech{module
|
|
bindings} is determined by the @scheme[current-code-inspector]
|
|
parameter, instead of the @scheme[current-inspector] parameter.
|
|
|
|
When a @scheme[module] declaration is evaluated, the value of the
|
|
@scheme[current-code-inspector] parameter is associated with the
|
|
module declaration. When the module is invoked via @scheme[require] or
|
|
@scheme[dynamic-require], a sub-inspector of the module's
|
|
declaration-time inspector is created, and this sub-inspector is
|
|
associated with the module invocation. Any inspector that controls the
|
|
sub-inspector (i.e., the declaration-time inspector and its superior)
|
|
controls the module invocation.
|
|
|
|
Control over a module invocation enables
|
|
|
|
@itemize[
|
|
|
|
@item{the use of @scheme[module->namespace] on the module;}
|
|
|
|
@item{access to the module's protected identifiers, i.e. those
|
|
identifiers exported from the module with @scheme[protect]; and}
|
|
|
|
@item{access to the module's protected and unexported variables
|
|
within compiled code from @scheme[read] (see @scheme[current-compile]).}
|
|
|
|
]
|
|
|
|
If the value of @scheme[current-code-inspector] never changes, then no
|
|
control is lost for any module invocation, since the module's
|
|
invocation is associated with a sub-inspector of
|
|
@scheme[current-code-inspector].
|
|
|
|
The inspector for a module invocation is specific to a particular
|
|
module registry, in case a module is attached to a new registry via
|
|
@scheme[namespace-attach-module]. The invocation inspector in a
|
|
particular registry can be changed via
|
|
@scheme[namespace-unprotect-module] (but changing the inspector
|
|
requires control over the old one).
|
|
|
|
Control over a module declaration (as opposed to a mere invocation)
|
|
enables the reconstruction of syntax objects that contain references
|
|
to the module's protected and unexported identifiers. Otherwise, the
|
|
compiler and macro expander prevent any reference to a protected or
|
|
unexported identifier,
|
|
unless the reference appears within an expression that was generated
|
|
by the module's macros (or, more precisely, a macro from a module
|
|
whose declaration inspector controls the invocation of the
|
|
identifier's module). See @secref["stxcerts"] for further
|
|
information.
|
|
|
|
@defparam[current-code-inspector insp inspector?]{
|
|
|
|
A parameter that determines an inspector to control access to module
|
|
bindings and redefinitions.}
|