Geek Answers Handbook

After compilation, the program can hypothetically start without calling eval?

I study how Clojure works, and I wonder if it is possible (just to understand how Clojure and Lisps dialects generally work) to compile Clojure and then run it while "forbidding" the use of eval.

Please note that I am not asking if it is technically possible for hotpatch to run the Clojure program, so that after compiling the Clojure program, an exception would be thrown if eval were ever called.

What I am asking is that if it is technically possible to prohibit the use of eval, will Clojure programs that do not use REPL, and not specifically eval, work?

Or standard / built-in APIs / macros / functions using eval under the hood at runtime?

+4
source share
3 answers

eval is what Clojure (and Lisps) interactive programming brings. You don't need eval as soon as you compile the Clojure code into jvm byte code (which doesn't use the eval function call anywhere) or other Lisp dialogs in the target runtime (mostly native code).

The main goal of the application would be to generate code at runtime and execute it, basically it would allow creating "runtime macros" that are not what the main API of the language should do for what it does.

+10
source

I asked this question a long time ago, and I answer my question, because additional information appeared, and approaches also appeared, and another question did not correctly address the problem.

In principle, reading functions are not safe by default.

In 2013, the Clojure groups discussed heated discussions after all Ruby exploits (where people suddenly felt worried about the security implications) in this thread, in the discussion thread:

"read-eval defaulting false"

The Clojure docs themselves clearly state that:

http://clojuredocs.org/clojure_core/clojure.core/read

 ;; WARNING: You SHOULD NOT use clojure.core/read or ;; clojure.core/read-string to read data from untrusted sources. They ;; were designed only for reading Clojure code and data from trusted ;; sources

Please note that even setting read-eval to false is not enough (at least not up, at least until Clojure 1.5), because some Java constructors can be called and have a side effect by carefully creating malicious inputs.

This is explained in detail in a blog post: "Clojure Reader is unsafe"

http://www.learningclojure.com/2013/02/clojures-reader-is-unsafe.html

In short: use something else like clojure.edn .

+1
source

It may be fair to say that:

  • most eval uses are performed either interactively (in REPL) or at compile time (for example, during extension and macro execution).
  • some uses of eval occur in regular code. This could be a useful trick, for example. when performing dynamically generated mathematical formulas in a spreadsheet program.

For the second reason, if you had forbidden the use of eval around the world, you would have damaged a lot of code / libraries at runtime, even if everything had already been compiled.

0
source

More articles:


All Articles