runSecure level instructionlist
(runSecure level instructionlist stacksize recordsize memsize nodes timeout namespace vars)
command or operation. Runs the instructionlist in a more or less safe "sandbox"-like environment, depending on the various parameters.
level: can be a combination of the Logo constants SECURITY_DLCALL, SECURITY_IODLL, SECURITY_SHELL, SECURITY_FILEWRITE, SECURITY_FILEREAD, SECURITY_DIRS, SECURITY_THREAD, SECURITY_KEYBOARD, SECURITY_GUI, SECURITY_ERASE, SECURITY_CONNECT, SECURITY_GLOBAL, SECURITY_BURIED, SECURITY_NAMESPACE, SECURITY_USER.
stacksize: integer specifying the maximum stack size of the sandbox evaluator.
recordsize: integer specifying the maximum number of graphics commands which might be recorded in the sandbox.
memsize: integer specifying the maximum memory size which the sandbox can occupy.
nodes: integer specifying the maximum node count which the sandbox can occupy.
timeout: integer specifying the maximum time for which the sandbox can be active. Once the timeout has elapsed, the sandbox ends and returns Unbound (=nothing).
namespace: the namespace in which the sandbox should run.
vars: variables which shall be available in the namespace as parameters.
Example:
    be testrunsecure docommands=[rboxdemo] username="guest
    ;   catch "error [
        (runSecure security_dlcall
            +security_iodll
            +security_shell
            +security_filewrite
    ;       +security_fileread
    ;       +security_dirs
            +security_thread
    ;       +security_keyboard
            +security_gui
    ;       +security_erase
            +security_buried
            +security_namespace
            1024        ;stack size (in bytes)
            100000      ;graphic record size (in graphic primitives)
            1000000     ;memory size (in bytes)
            65536       ;max. number of nodes
            7000        ;timeout (in milliseconds)
    ;       username
    ;       [username]
    ;       ^-- get pushed on the varStack in Namespace username
            docommands)
        ; runSecure is not allowed to use less security
    ;   ]
    end
    ; fd is not allowed to use more memory