Use protect-out for unsafe operations

Disallows usage in sandboxes and similar contexts
2015-10-20 17:26:44 -04:00 · 2015-10-20 17:26:44 -04:00 · c3a59ee1c4
commit c3a59ee1c4
parent 6aa635d740
2 changed files with 17 additions and 2 deletions
--- a/typed-racket-lib/typed/racket/unsafe.rkt
+++ b/typed-racket-lib/typed/racket/unsafe.rkt
@ -2,8 +2,8 @@

 ;; This module provides unsafe operations for Typed Racket

-(provide unsafe-provide
-         unsafe-require/typed)
+(provide (protect-out unsafe-provide
+                      unsafe-require/typed))

 (require (for-syntax racket/base
                     typed-racket/private/syntax-properties
--- a/typed-racket-test/fail/sandboxed-unsafe-ops.rkt
+++ b/typed-racket-test/fail/sandboxed-unsafe-ops.rkt
@ -0,0 +1,15 @@
+#;
+(exn-pred #rx"access disallowed by")
+#lang racket/base
+
+;; This test checks that TR's unsafe libraries are not accessible
+;; from a sandboxed context
+
+(require racket/sandbox)
+
+(parameterize ([sandbox-memory-limit 1000])
+  (define eval (make-evaluator 'typed/racket))
+  (eval '(require typed/racket/unsafe))
+
+  ;; should fail
+  (eval '(unsafe-require/typed racket/base [values 3])))