Comments (3)
I think the key problem is that any module can make its own static pointers and GHC does not mandate that only the main program is allowed to do so.
Sounds like the cause for some problem. But could you state what the problem is? You seem to have a concern about security. But from this description I haven't pinned down what it is exactly quite yet.
from distributed-closure.
If so, what can I do to restrict the functions that I can get from unclosure?
As a stopgap, you could check the origin of the `StaticPtr` at runtime after looking it up (`unsafeLookupStaticPtr`) and before dereferencing it (`deRefStaticPtr`) with `staticPtrInfo`.
OK, to clarify:
Let's say my program uses some external package that makes some static pointer that I don't know about. The program receives from an untrustworthy environment some serialized data encapsulating some closure in a request signifying something for my program to run (maybe as part of an RPC system or a job queue system). The closure received typically involves some static pointer that I make in my own modules for the functions I want to allow running through closures. An attacker sends me a binary blob encoding some closure that involves some static pointer from the external package instead of my modules and the types line up, so I successfully deserialize the binary blob into a closure, and then end up naively running the closure and doing things I don't mean to do.
I would like to confirm whether the above scenario is indeed possible and that a safety measure like the one mentioned by @facundominguez is necessary for security.
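The runtime origin check suggested in the thread, sketched against `GHC.StaticPtr` as an added example (not code from the thread participants or from distributed-closure). `lookupAllowed`, the module allowlist and `Jobs.Handlers` are hypothetical names, and the key is constructed locally instead of being decoded from a received blob.

```haskell
{-# LANGUAGE StaticPointers #-}
module Main (main) where

import GHC.StaticPtr

-- Hypothetical helper: resolve a StaticKey taken from untrusted input, but
-- only return the pointer if it was created in an allowlisted module.
-- spInfoUnitId can be compared as well to pin the defining package.
-- The result type `a` is NOT verified by unsafeLookupStaticPtr; the caller
-- must still make sure the key really refers to a value of that type.
lookupAllowed :: [String] -> StaticKey -> IO (Either String (StaticPtr a))
lookupAllowed allowedModules key = do
  found <- unsafeLookupStaticPtr key
  pure $ case found of
    Nothing -> Left "unknown static key"
    Just ptr
      | origin `elem` allowedModules -> Right ptr
      | otherwise -> Left ("static pointer from disallowed module: " ++ origin)
      where origin = spInfoModuleName (staticPtrInfo ptr)

-- Constructed sample function that the program is willing to expose.
double :: Int -> Int
double = (* 2)

main :: IO ()
main = do
  -- Constructed key; in the scenario above it would come off the wire.
  let key = staticKey (static double :: StaticPtr (Int -> Int))
  -- Allowlist contains the defining module: the pointer is dereferenced.
  accepted <- lookupAllowed ["Main"] key
  putStrLn (either id (\p -> show (deRefStaticPtr p (21 :: Int) :: Int)) accepted)
  -- Allowlist names only another module: the same key is refused before
  -- deRefStaticPtr is ever called.
  rejected <- lookupAllowed ["Jobs.Handlers"] key
  putStrLn (either id (\p -> show (deRefStaticPtr p (21 :: Int) :: Int)) rejected)
```

The check has to run on every key that arrives in a serialized closure, before any `deRefStaticPtr`, since the static pointer table also holds entries created by dependencies.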