In Clojure 1.2 the :initial feature isn’t working at the moment!!!
h1. clj-sandbox
Why clj-sandbox?
Well the short story is, because it is cool. There are so many things you can do when sandboxing code is dead simple. That is what I hope clj-sandbox will do, allow clojure code to add sandboxing with less then 5 lines of code.
Of cause that is a idealistic view, to really customize the sandbox you might need 10 lines ;).
Long story? I need sandboxing for a project, and on #clojure hiredman, bsteuber and me got in a talk how nice it would be to have a simple sandbox library. So the next day I decided that I take it upon me to make it reality ;). Truth be told, hiredman did a very good job for clojurebot, I lot of code and ideas were pioneered by him :)
1) create a .java.policy file to grant your code rights.
In your code this will give you a very simple sandbox without jvm sandboxing:
(use 'net.licenser.sandbox)
(def my-sandbox (stringify-sandbox (new-sandbox)))
(my-sandbox "(+ 1 1)")
If you want more security and posibilties
(use 'net.licenser.sandbox)
(enable-security-manager)
(def sc (stringify-sandbox (new-sandbox-compiler)))
(def my-really-secure-add (sc "(+ a b)" 'a 'b))
(my-really-secure-add {} 23 19) ;=> 42
What better example as what people actually do with the code?
- Of cause EPIC uses clj-sandbox to run user scripts
- defn’s walton tool uses clj-sandbox to get better answers for your questions.
- Raynes’s IRC-bot sexpbot uses clj-sandbox too let users evaluate and test code in the IRC.
- clicki, a crazy wiki that lets user define the entire webside (code and everything) within itself.
See even now there are very varity usages for a sandbox and I hope there will be many more.
Add the following to your project.clj in leiningen:
[clj-sandbox “0.3”]Copyright © 2009 Heinz N. Gies and Anthony Simpson.
This code is published under the EPL, have fun! See LICENSE.html for the booring stuff.
Thanks to hiredman from #clojure for the patience with my question and the
code for the JVM jail :).
Also thanks to Raynes from #clojure for using and testing the library, spotting
evilish bugs, proofreading the comments and some improvements :D!