On this page:
make-trusted-evaluator
make-trusted-module-evaluator
make-scribble-evaluator
make-scribble-module-evaluator
make-sandbox-namespace-specs

13 Sandboxed Evaluation

 (require (planet cce/scheme:7:8/sandbox))

This module provides tools for sandboxed evaluation.

(make-trusted-evaluator language 
  input-program ... 
  #:requires requires 
  #:allow-read allow) 
  (any/c . -> . any)
  language : 
(or/c module-path?
      (list/c 'special symbol?)
      (cons/c 'begin list?))
  input-program : any/c
  requires : (listof (or/c module-path? path?))
  allow : (listof or/c module-path? path?)
(make-trusted-module-evaluator module-decl 
  #:language lang 
  #:allow-read allow) 
  (any/c . -> . any)
  module-decl : (or/c syntax? pair?)
  lang : (or/c #f module-path?)
  allow : (listof (or/c module-path? path?))
These procedures wrap calls to make-evaluator and make-module-evaluator, respectively, with call-with-trusted-sandbox-configuration (introduced in PLT 4.1.3.6). In older versions of PLT Scheme, they simulate the trusted configuration as closely as possible.

(make-scribble-evaluator language 
  input-program ... 
  #:requires requires 
  #:allow-read allow) 
  (any/c . -> . any)
  language : 
(or/c module-path?
      (list/c 'special symbol?)
      (cons/c 'begin list?))
  input-program : any/c
  requires : (listof (or/c module-path? path?))
  allow : (listof or/c module-path? path?)
(make-scribble-module-evaluator module-decl 
  #:language lang 
  #:allow-read allow) 
  (any/c . -> . any)
  module-decl : (or/c syntax? pair?)
  lang : (or/c #f module-path?)
  allow : (listof (or/c module-path? path?))
These procedures wrap calls to make-trusted-evaluator and make-trusted-module-evaluator, respectively, with parameterizations setting sandbox-output and sandbox-error-output to 'string.

(make-sandbox-namespace-specs make-ns 
  path ...) 
  (cons/c (-> namespace?) (listof module-path?))
  make-ns : (-> namespace?)
  path : module-path?
This function produces a value for the parameter sandbox-namespace-specs such that new sandbox evaluators start with a namespace constructed by make-ns and share a set of instances of the modules referred to by the given paths.