Juergen Sauermann
2017-03-31 16:07:21 UTC
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Helvetica, Arial, sans-serif">Hi,<br>
<br>
I have added a framework for security features to GNU APL. These
features need to<br>
be enabled via <b>./configure</b>, for example:<br>
<br>
<font face="Courier New, Courier, monospace"><b>./configure
SECURITY_LEVEL_WANTED=0</b></font><br>
This is the default and leaves everything as is today.<br>
<br>
</font><font face="Helvetica, Arial, sans-serif"><font face="Courier
New, Courier, monospace"><b>./configure SECURITY_LEVEL_WANTED=<font
face="Helvetica, Arial, sans-serif">2</font></b></font><br>
</font><font face="Helvetica, Arial, sans-serif">This enables all
security checks and will, in the long run, render the interpreter
useless.<br>
</font><br>
<font face="Helvetica, Arial, sans-serif"><font face="Courier New,
Courier, monospace"><b>./configure SECURITY_LEVEL_WANTED=<font
face="Helvetica, Arial, sans-serif">1</font></b></font></font><br>
<font face="Helvetica, Arial, sans-serif">This enables security
checks, but with a finer granularity. With this setting you can
turn<br>
individual security checks on and of in your preferences file(s).
For example:<br>
<br>
<font face="Courier New, Courier, monospace"><b>Profile 1</b><b><br>
</b><b> disable_Quad_SQL yes # disable ⎕SQL</b><b><br>
</b><b> disable_Quad_FIO no # do not disable ⎕FIO</b><b><br>
</b><b> disable_native_functions yes # disable A ⎕FX B
(native fnctions)</b></font><br>
<br>
If you start GNU APL with profile 1, for example<br>
<br>
<font face="Courier New, Courier, monospace"><b>apl -p 1</b></font><br>
<br>
then <b>⎕SQL</b> is disabled, <b>⎕FIO </b>is enabled, and
dyadic <b>⎕FX</b> (aka. native functions) ia disabled.<br>
<br>
If you have no <b>Profile</b> line before the security settings
then the settings will be applied in all profiles (no -p option<br>
on the GNU APL command line corresponds to profile 0).<br>
<br>
If a user calls a disabled facility, then it will raise a <b>DOMAIN
ERROR</b> and set <b>)MORE</b> accordingly.<br>
<br>
Hope you like it,<br>
Jürgen<br>
<br>
</font>
</body>
</html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Helvetica, Arial, sans-serif">Hi,<br>
<br>
I have added a framework for security features to GNU APL. These
features need to<br>
be enabled via <b>./configure</b>, for example:<br>
<br>
<font face="Courier New, Courier, monospace"><b>./configure
SECURITY_LEVEL_WANTED=0</b></font><br>
This is the default and leaves everything as is today.<br>
<br>
</font><font face="Helvetica, Arial, sans-serif"><font face="Courier
New, Courier, monospace"><b>./configure SECURITY_LEVEL_WANTED=<font
face="Helvetica, Arial, sans-serif">2</font></b></font><br>
</font><font face="Helvetica, Arial, sans-serif">This enables all
security checks and will, in the long run, render the interpreter
useless.<br>
</font><br>
<font face="Helvetica, Arial, sans-serif"><font face="Courier New,
Courier, monospace"><b>./configure SECURITY_LEVEL_WANTED=<font
face="Helvetica, Arial, sans-serif">1</font></b></font></font><br>
<font face="Helvetica, Arial, sans-serif">This enables security
checks, but with a finer granularity. With this setting you can
turn<br>
individual security checks on and of in your preferences file(s).
For example:<br>
<br>
<font face="Courier New, Courier, monospace"><b>Profile 1</b><b><br>
</b><b> disable_Quad_SQL yes # disable ⎕SQL</b><b><br>
</b><b> disable_Quad_FIO no # do not disable ⎕FIO</b><b><br>
</b><b> disable_native_functions yes # disable A ⎕FX B
(native fnctions)</b></font><br>
<br>
If you start GNU APL with profile 1, for example<br>
<br>
<font face="Courier New, Courier, monospace"><b>apl -p 1</b></font><br>
<br>
then <b>⎕SQL</b> is disabled, <b>⎕FIO </b>is enabled, and
dyadic <b>⎕FX</b> (aka. native functions) ia disabled.<br>
<br>
If you have no <b>Profile</b> line before the security settings
then the settings will be applied in all profiles (no -p option<br>
on the GNU APL command line corresponds to profile 0).<br>
<br>
If a user calls a disabled facility, then it will raise a <b>DOMAIN
ERROR</b> and set <b>)MORE</b> accordingly.<br>
<br>
Hope you like it,<br>
Jürgen<br>
<br>
</font>
</body>
</html>