Version 12 of safe

Updated 2012-12-01 05:05:22 by RLE

Safe Base - A mechanism for creating and manipulating safe interpreters.

Bob Techentin asked questions on comp.lang.tcl regarding the use of safe interpreters running code that uses the [package require] mechanism. The Safe Base supports some package loading, but is mentioned less often than [interp create -safe]

Bob Asked:

How, in your opinion, Jacob, does [::safe::interpCreate] jibe with [interp create -safe]? Am I foolish for wanting to grant something beyond core functionality to a safe interpreter? If so, what is the real point of the Safe Base mechanism?

and Jacob Levy replied

The answer is that nilly willy you're going to want to source some stuff into a safe interpreter, open some scratch files etc. So, either you come up with your own idiosyncratic solution, or use safe::interpCreate to do it in a semi standard way.

In other words, interp create -safe gives you a raw interpreter without any aliases. That's of course also what safe::interpCreate does internally. And then it adds some aliases that were very very carefully designed to be safe (nearly as safe as the base safe interpreter that interp create -safe returns. The Safe Base is therefore simply one way to extend the raw safe interpreter, and has been carefully reviewed and used extensively, so it's believed to be safe.

If you were to roll your own, you could easily introduce some of the bugs that the war tested Safe Base has already avoided.

See also Safe Interps.