Using Scheme’s Eval in Sandbox

One of the most tantalizing features that folks hear about Scheme is the eval function. While in reality, when it comes to meta-programming most modern Scheme distributions have evolved other mechanisms to do so, eval is still a big draw. The biggest shock most folks have when it comes to Scheme, though, is that you can only evaluate expressions in the top level environment. If eval holds your interest long enough, for perhaps any number of different different reasons, you will eventually reach the point where you want to do use it to evaluate code that you didn’t write (my inspiration came in the form of the Dolphin Smalltalk tutorial task where you write network chat clients that can send code to each other for execution). Whatever *your* inspiration was, though, you will also reach the point where you realize that you don’t necessarily want arbitrary code to be executed in the environment in which you are running your program; you don’t want folks sending (exit) for example, that can be pretty irritating. One way to work around this issue to to evaluate your code in a sandbox.

Here are three ways to do it with PLT Scheme: DynamicEvalCustomNamespace, DynamicUntrustedEval, and Sandboxed Evaluation.

Addendum 04/22/08:

Here is a link directly to the Schematics PLT package which provides “a library of useful procedures on namespaces”.

Leave a Reply

Your email address will not be published. Required fields are marked *