511 lines
301 KiB
HTML
511 lines
301 KiB
HTML
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
||
|
|
<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"/><meta name="viewport" content="width=device-width, initial-scale=0.8"/><title>14.12 Sandboxed Evaluation</title><link rel="stylesheet" type="text/css" href="../scribble.css" title="default"/><link rel="stylesheet" type="text/css" href="extras.css" title="default"/><link rel="stylesheet" type="text/css" href="../racket.css" title="default"/><link rel="stylesheet" type="text/css" href="../manual-style.css" title="default"/><link rel="stylesheet" type="text/css" href="../manual-racket.css" title="default"/><link rel="stylesheet" type="text/css" href="../manual-racket.css" title="default"/><link rel="stylesheet" type="text/css" href="../doc-site.css" title="default"/><script type="text/javascript" src="../scribble-common.js"></script><script type="text/javascript" src="../manual-racket.js"></script><script type="text/javascript" src="../manual-racket.js"></script><script type="text/javascript" src="../doc-site.js"></script><script type="text/javascript" src="../local-redirect/local-redirect.js"></script><script type="text/javascript" src="../local-redirect/local-user-redirect.js"></script><!--[if IE 6]><style type="text/css">.SIEHidden { overflow: hidden; }</style><![endif]--></head><body id="doc-racket-lang-org"><div class="tocset"><div class="tocview"><div class="tocviewlist tocviewlisttopspace"><div class="tocviewtitle"><table cellspacing="0" cellpadding="0"><tr><td style="width: 1em;"><a href="javascript:void(0);" title="Expand/Collapse" class="tocviewtoggle" onclick="TocviewToggle(this,"tocview_0");">►</a></td><td></td><td><a href="index.html" class="tocviewlink" data-pltdoc="x">The Racket Reference</a></td></tr></table></div><div class="tocviewsublisttop" style="display: none;" id="tocview_0"><table cellspacing="0" cellpadding="0"><tr><td align="right">1 </td><td><a href="model.html" class="tocviewlink" data-pltdoc="x">Language Model</a></td></tr><tr><td align="right">2 </td><td><a href="notation.html" class="tocviewlink" data-pltdoc="x">Notation for Documentation</a></td></tr><tr><td align="right">3 </td><td><a href="syntax.html" class="tocviewlink" data-pltdoc="x">Syntactic Forms</a></td></tr><tr><td align="right">4 </td><td><a href="data.html" class="tocviewlink" data-pltdoc="x">Datatypes</a></td></tr><tr><td align="right">5 </td><td><a href="structures.html" class="tocviewlink" data-pltdoc="x">Structures</a></td></tr><tr><td align="right">6 </td><td><a href="mzlib_class.html" class="tocviewlink" data-pltdoc="x">Classes and Objects</a></td></tr><tr><td align="right">7 </td><td><a href="mzlib_unit.html" class="tocviewlink" data-pltdoc="x">Units</a></td></tr><tr><td align="right">8 </td><td><a href="contracts.html" class="tocviewlink" data-pltdoc="x">Contracts</a></td></tr><tr><td align="right">9 </td><td><a href="match.html" class="tocviewlink" data-pltdoc="x">Pattern Matching</a></td></tr><tr><td align="right">10 </td><td><a href="control.html" class="tocviewlink" data-pltdoc="x">Control Flow</a></td></tr><tr><td align="right">11 </td><td><a href="concurrency.html" class="tocviewlink" data-pltdoc="x">Concurrency and Parallelism</a></td></tr><tr><td align="right">12 </td><td><a href="Macros.html" class="tocviewlink" data-pltdoc="x">Macros</a></td></tr><tr><td align="right">13 </td><td><a href="input-and-output.html" class="tocviewlink" data-pltdoc="x">Input and Output</a></td></tr><tr><td align="right">14 </td><td><a href="security.html" class="tocviewselflink" data-pltdoc="x">Reflection and Security</a></td></tr><tr><td align="right">15 </td><td><a href="os.html" class="tocviewlink" data-pltdoc="x">Operating System</a></td></tr><tr><td align="right">16 </td><td><a href="memory.html" class="tocviewlink" data-pltdoc="x">Memory Management</a></td></tr><tr><td align="right">17 </td><td><a href="unsafe.html" class="tocviewlink" data-pltdoc="x">Unsafe Operations</a></td></tr><tr><td align="right">18 </td><td><a href="running.html" cl
|
||
|
|
creating “sandboxed” evaluators, which are configured in a
|
||
|
|
particular way and can have restricted resources (memory and time),
|
||
|
|
filesystem and network access, and much more. Sandboxed evaluators can be
|
||
|
|
configured through numerous parameters —<wbr></wbr> and the defaults are set
|
||
|
|
for the common use case where sandboxes are very limited.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top" colspan="3"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._make-evaluator))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValDef RktValLink" data-pltdoc="x">make-evaluator</a></span></span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">language</span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">input-program</span><span class="hspace"> </span><span class="RktMeta">...</span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span><span class="RktOpt">[</span></td><td valign="top"><span class="RktPn">#:requires</span><span class="hspace"> </span><span class="RktVar">requires</span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktPn">#:allow-for-require</span><span class="hspace"> </span><span class="RktVar">allow-for-require</span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktPn">#:allow-for-load</span><span class="hspace"> </span><span class="RktVar">allow-for-load</span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktPn">#:allow-read</span><span class="hspace"> </span><span class="RktVar">allow-read</span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktPn">#:allow-syntactic-requires</span><span class="hspace"> </span><span class="RktVar">allow-syntactic-requires</span><span class="RktOpt">]</span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td></tr></table></blockquote></td></tr><tr><td><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="argcontract"><tr><td valign="top"><span class="hspace"> </span></td><td valign="t
|
||
|
|
<span class="RktVar">language</span> and <span class="RktVar">requires</span> specification, and starts
|
||
|
|
evaluating the given <span class="RktVar">input-program</span>s. The
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span> function creates an evaluator that
|
||
|
|
works in the context of a given module. The result in either case is a
|
||
|
|
function for further evaluation.</div></p><p>The returned evaluator operates in an isolated and limited
|
||
|
|
environment. In particular, filesystem access is restricted, which may
|
||
|
|
interfere with using modules from the filesystem that are not
|
||
|
|
in a <a href="collects.html#%28tech._collection%29" class="techoutside" data-pltdoc="x"><span class="techinside">collection</span></a>. See below for
|
||
|
|
information on the <span class="RktVar">allow-for-require</span>,
|
||
|
|
<span class="RktVar">allow-for-load</span>, and <span class="RktVar">allow-read</span> arguments; collection-based
|
||
|
|
module files typically do not need to be included in those lists. When
|
||
|
|
<span class="RktVar">language</span> is a module path or when <span class="RktVar">requires</span> is
|
||
|
|
provided, the indicated modules are implicitly included in the
|
||
|
|
<span class="RktVar">allow-for-require</span> list. When <span class="RktVar">allow-syntactic-requires</span>
|
||
|
|
is not <span class="RktVal">#f</span>, it constraints the set of modules that can be directly
|
||
|
|
referenced in a module; see below for more information.
|
||
|
|
(For backward compatibility,
|
||
|
|
non-<span class="RktSym"><a href="Module_Names_and_Loading.html#%28def._%28%28quote._~23~25kernel%29._module-path~3f%29%29" class="RktValLink" data-pltdoc="x">module-path?</a></span> path strings are allowed in arguments like
|
||
|
|
<span class="RktVar">requires</span>; they are implicitly converted to paths before
|
||
|
|
addition to <span class="RktVar">allow-for-require</span>.)</p><p>Each <span class="RktVar">input-program</span> or <span class="RktVar">module-decl</span> argument provides
|
||
|
|
a program in one of the following forms:</p><ul><li><p>an input port used to read the program;</p></li><li><p>a string or a byte string holding the complete input;</p></li><li><p>a path that names a file holding the input; or</p></li><li><p>an S-expression or a <a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax object</span></a>, which is evaluated
|
||
|
|
as with <span class="RktSym"><a href="eval.html#%28def._%28%28quote._~23~25kernel%29._eval%29%29" class="RktValLink" data-pltdoc="x">eval</a></span> (see also
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-uncovered-expressions%29%29" class="RktValLink" data-pltdoc="x">get-uncovered-expressions</a></span>).</p></li></ul><p>In the first three cases above, the program is read using
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-reader%29%29" class="RktValLink" data-pltdoc="x">sandbox-reader</a></span>, with line-counting enabled for sensible error
|
||
|
|
messages, and with <span class="RktVal">'</span><span class="RktVal">program</span> as the source (used for testing
|
||
|
|
coverage). In the last case, the input is expected to be the complete
|
||
|
|
program, and is converted to a <a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax object</span></a> (using
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">program</span> as the source), unless it already is a <a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax
|
||
|
|
object</span></a>.</p><p>The returned evaluator function accepts additional expressions
|
||
|
|
(each time it is called) in essentially the same form: a string or
|
||
|
|
byte string holding a sequence of expressions, a path for a file
|
||
|
|
holding expressions, an S-expression, or a <a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax object</span></a>. If
|
||
|
|
the evaluator receives an <span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._eof%29%29" class="RktValLink" data-pltdoc="x">eof</a></span> value, it is terminated and
|
||
|
|
raises errors thereafter. See also <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._kill-evaluator%29%29" class="RktValLink" data-pltdoc="x">kill-evaluator</a></span>, which
|
||
|
|
terminates the evaluator without raising an exception.</p><p>For <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span>, multiple <span class="RktVar">input-program</span>s are
|
||
|
|
effectively concatenated to form a single program. The way that the
|
||
|
|
<span class="RktVar">input-program</span>s are evaluated depends on the <span class="RktVar">language</span>
|
||
|
|
argument:</p><ul><li><p>The <span class="RktVar">language</span> argument can be a module path (i.e., a
|
||
|
|
datum that matches the grammar for <span class="RktVar">module-path</span> of
|
||
|
|
<span class="RktSym"><a href="require.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._require%29%29" class="RktStxLink" data-pltdoc="x">require</a></span>).</p><p>In this case, the <span class="RktVar">input-program</span>s are automatically
|
||
|
|
wrapped in a <span class="RktSym"><a href="module.html#%28form._%28%28quote._~23~25kernel%29._module%29%29" class="RktStxLink" data-pltdoc="x">module</a></span>, and the resulting evaluator works
|
||
|
|
within the resulting module’s namespace.</p></li><li><p>The <span class="RktVar">language</span> argument can be a list starting with
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">special</span>, which indicates a built-in language with
|
||
|
|
special input configuration. The possible values are
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">special</span><span class="stt"> </span><span class="RktVal">r5rs</span><span class="RktVal">)</span> or a value indicating a teaching
|
||
|
|
language: <span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">special</span><span class="stt"> </span><span class="RktVal">beginner</span><span class="RktVal">)</span>, <span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">special</span><span class="stt"> </span><span class="RktVal">beginner-abbr</span><span class="RktVal">)</span>, <span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">special</span><span class="stt"> </span><span class="RktVal">intermediate</span><span class="RktVal">)</span>,
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">special</span><span class="stt"> </span><span class="RktVal">intermediate-lambda</span><span class="RktVal">)</span>, or <span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">special</span><span class="stt"> </span><span class="RktVal">advanced</span><span class="RktVal">)</span>.</p><p>In this case, the <span class="RktVar">input-program</span>s are automatically
|
||
|
|
wrapped in a <span class="RktSym"><a href="module.html#%28form._%28%28quote._~23~25kernel%29._module%29%29" class="RktStxLink" data-pltdoc="x">module</a></span>, and the resulting evaluator works
|
||
|
|
within the resulting module’s namespace. In addition, certain
|
||
|
|
parameters (such as such as <span class="RktSym"><a href="Reading.html#%28def._%28%28quote._~23~25kernel%29._read-accept-infix-dot%29%29" class="RktValLink" data-pltdoc="x">read-accept-infix-dot</a></span>) are
|
||
|
|
set to customize reading programs from strings and ports.</p><p>This option is provided mainly for older test systems. Using
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span> with input starting with
|
||
|
|
<span class="RktMod">#lang</span> is generally better.</p></li><li><p>Finally, <span class="RktVar">language</span> can be a list whose first element is
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">begin</span>.</p><p>In this case, a new namespace is created using
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-namespace-specs%29%29" class="RktValLink" data-pltdoc="x">sandbox-namespace-specs</a></span>, which by default creates a
|
||
|
|
new namespace using <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-namespace%29%29" class="RktValLink" data-pltdoc="x">sandbox-make-namespace</a></span> (which, in
|
||
|
|
turn, uses <span class="RktSym"><a href="Namespaces.html#%28def._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._make-base-namespace%29%29" class="RktValLink" data-pltdoc="x">make-base-namespace</a></span> or
|
||
|
|
<span class="RktSym"><a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=gui&rel=Windowing_Functions.html%23%2528def._%2528%2528lib._racket%252Fgui%252Fbase..rkt%2529._make-gui-namespace%2529%2529&version=8.6" class="RktValLink Sq" data-pltdoc="x">make-gui-namespace</a></span> depending on
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-gui-available%29%29" class="RktValLink" data-pltdoc="x">sandbox-gui-available</a></span> and <span class="RktSym"><a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=gui&rel=Dynamic_Loading.html%23%2528def._%2528%2528lib._racket%252Fgui%252Fdynamic..rkt%2529._gui-available%7E3f%2529%2529&version=8.6" class="RktValLink Sq" data-pltdoc="x">gui-available?</a></span>).</p><p>In the new namespace, <span class="RktVar">language</span> is evaluated as an
|
||
|
|
expression to further initialize the namespace.</p></li></ul><p>The <span class="RktVar">requires</span> list adds additional imports to the module or
|
||
|
|
namespace for the <span class="RktVar">input-program</span>s, even in the case that
|
||
|
|
<span class="RktSym"><a href="require.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._require%29%29" class="RktStxLink" data-pltdoc="x">require</a></span> is not made available through the <span class="RktVar">language</span>.
|
||
|
|
The <span class="RktVar">allow-syntactic-requires</span> argument, if non-<span class="RktVal">#f</span>,
|
||
|
|
constrains <span class="RktSym"><a href="require.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._require%29%29" class="RktStxLink" data-pltdoc="x">require</a></span> references expanded in the module when the
|
||
|
|
<span class="RktVar">language</span> argument implies a <span class="RktSym"><a href="module.html#%28form._%28%28quote._~23~25kernel%29._module%29%29" class="RktStxLink" data-pltdoc="x">module</a></span> wrapper; more
|
||
|
|
precisely, it constrains the module paths that can be resolved when a
|
||
|
|
syntax object is provided to the <a href="Module_Names_and_Loading.html#%28tech._module._name._resolver%29" class="techoutside" data-pltdoc="x"><span class="techinside">module name resolver</span></a>, which
|
||
|
|
will include <span class="RktSym"><a href="require.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._require%29%29" class="RktStxLink" data-pltdoc="x">require</a></span> forms that are created by macro
|
||
|
|
expansion. A relative-submodule path using <span class="RktSym"><a href="require.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._submod%29%29" class="RktStxLink" data-pltdoc="x">submod</a></span> followed by
|
||
|
|
either <span class="RktVal">"."</span> or <span class="RktVal">".."</span> is always allowed.</p><p>The following examples illustrate the difference between an evaluator
|
||
|
|
that puts the program in a module and one that merely initializes a
|
||
|
|
top-level namespace:</p><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="stt">> </span><span class="RktPn">(</span><span class="RktSym"><a href="define.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._define%29%29" class="RktStxLink" data-pltdoc="x">define</a></span><span class="hspace"> </span><span class="RktSym">base-module-eval</span></td></tr><tr><td><span class="hspace"> </span><span class="hspace"> </span><span class="RktCmt">;</span><span class="RktCmt"> </span><span class="RktCmt">a module cannot have free variables...</span></td></tr><tr><td><span class="hspace"> </span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">racket/base</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">define</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">f</span><span class="RktVal">)</span><span class="hspace"> </span><span class="RktVal">later</span><span class="RktVal">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr><tr><td><p><span class="RktErr">program:1:0: later: unbound identifier</span></p></td></tr><tr><td><p><span class="RktErr"></span><span class="hspace"> </span><span class="RktErr">in: later</span></p></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="stt">> </span><span class="RktPn">(</span><span class="RktSym"><a href="define.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._define%29%29" class="RktStxLink" data-pltdoc="x">define</a></span><span class="hspace"> </span><span class="RktSym">base-module-eval</span></td></tr><tr><td><span class="hspace"> </span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">racket/base</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">define</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">f</span><span class="RktVal">)</span><span class="hspace"> </span><span class="RktVal">later</span><span class="RktVal">)</span></td></tr><tr><td><span class="hspace"> </span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">define</span><span class="hspace"> </span><span class="RktVal">later</span><span class="hspace"> </span><span class="RktVal">5</span><span class="RktVal">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr><tr><td><span class="stt">> </span><span class="RktPn">(</span><span class="RktSym">base-module-eval</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">f</span><span class="RktVal">)</span><span class="RktPn">)</span></td></tr><tr><td><p><span class="RktRes">5</span></p></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="stt">> </span><span class="RktPn">(</span><span class="RktSym"><a href="define.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._define%29%29" class="RktStxLink
|
||
|
|
restriction of <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span>, where the program must be a
|
||
|
|
module, and all imports are part of the program. In some cases it is
|
||
|
|
useful to restrict the program to be a module using a specific module
|
||
|
|
in its language position; use the optional <span class="RktVar">lang</span> argument
|
||
|
|
to specify such a restriction, where <span class="RktVal">#f</span> means that no
|
||
|
|
restriction is enforced. The <span class="RktVar">readers</span> argument similarly
|
||
|
|
constrains the paths that can follow <a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=guide&rel=Module_Syntax.html%23%2528part._hash-lang%2529&version=8.6" class="RktModLink Sq" data-pltdoc="x"><span class="RktMod">#lang</span></a> or <span class="RktMeta">#reader</span>
|
||
|
|
if it is not <span class="RktVal">#f</span>, and the default is based on <span class="RktVar">lang</span>.
|
||
|
|
The <span class="RktVar">allow-syntactic-requires</span> argument is treated the same as
|
||
|
|
for <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span> in the module-wrapper case.</p><p>When the program is specified as a path, then
|
||
|
|
the path is implicitly added to the <span class="RktVar">allow-for-load</span> list.</p><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="define.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._define%29%29" class="RktStxLink" data-pltdoc="x">define</a></span><span class="hspace"> </span><span class="RktSym">base-module-eval2</span></td></tr><tr><td><span class="hspace"> </span><span class="RktCmt">;</span><span class="RktCmt"> </span><span class="RktCmt">equivalent to </span><span class="RktSym">base-module-eval</span><span class="RktCmt">:</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">module</span><span class="hspace"> </span><span class="RktVal">m</span><span class="hspace"> </span><span class="RktVal">racket/base</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">define</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">f</span><span class="RktVal">)</span><span class="hspace"> </span><span class="RktVal">later</span><span class="RktVal">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">define</span><span class="hspace"> </span><span class="RktVal">later</span><span class="hspace"> </span><span class="RktVal">5</span><span class="RktVal">)</span><span class="RktVal">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></blockquote><p>The <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span> function can be convenient for testing
|
||
|
|
module files: pass in a path value for the file
|
||
|
|
name, and you get back an evaluator in the module’s context which you
|
||
|
|
can use with your favorite test facility.</p><p><div class="SIntrapara">In all cases, the evaluator operates in an isolated and limited
|
||
|
|
environment:
|
||
|
|
</div><div class="SIntrapara"><ul><li><p>It uses a new custodian and namespace. When
|
||
|
|
<span class="RktSym"><a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=gui&rel=Dynamic_Loading.html%23%2528def._%2528%2528lib._racket%252Fgui%252Fdynamic..rkt%2529._gui-available%7E3f%2529%2529&version=8.6" class="RktValLink Sq" data-pltdoc="x">gui-available?</a></span> and <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-gui-available%29%29" class="RktValLink" data-pltdoc="x">sandbox-gui-available</a></span> produce
|
||
|
|
true, it is also runs in its own eventspace.</p></li><li><p>The evaluator works under the <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-security-guard%29%29" class="RktValLink" data-pltdoc="x">sandbox-security-guard</a></span>,
|
||
|
|
which restricts file system and network access.</p></li><li><p>The evaluator is contained in a memory-restricted environment,
|
||
|
|
and each evaluation is wrapped in a <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span>
|
||
|
|
(when memory accounting is available); see also
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-memory-limit%29%29" class="RktValLink" data-pltdoc="x">sandbox-memory-limit</a></span>, <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span> and
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._set-eval-limits%29%29" class="RktValLink" data-pltdoc="x">set-eval-limits</a></span>.</p></li></ul></div><div class="SIntrapara">Note that these limits apply to the creation of the sandbox
|
||
|
|
environment too —<wbr></wbr> so, for example, if the memory that is required to
|
||
|
|
create the sandbox is higher than the limit, then
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span> will fail with a memory limit exception.</div></p><p>The <span class="RktVar">allow-for-require</span> and <span class="RktVar">allow-for-load</span> arguments
|
||
|
|
adjust filesystem permissions to extend the set of files that
|
||
|
|
are usable by the evaluator. Modules that are in a collection
|
||
|
|
are automatically accessible, but the <span class="RktVar">allow-for-require</span> argument lists
|
||
|
|
additional modules that can be <span class="RktSym"><a href="require.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._require%29%29" class="RktStxLink" data-pltdoc="x">require</a></span>d along with their imports
|
||
|
|
(transitively) through a filesystem path. The <span class="RktVar">allow-for-load</span> argument
|
||
|
|
similarly lists files that can
|
||
|
|
be <span class="RktSym"><a href="eval.html#%28def._%28%28quote._~23~25kernel%29._load%29%29" class="RktValLink" data-pltdoc="x">load</a></span>ed. (The precise permissions needed for
|
||
|
|
<span class="RktSym"><a href="require.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._require%29%29" class="RktStxLink" data-pltdoc="x">require</a></span> versus <span class="RktSym"><a href="eval.html#%28def._%28%28quote._~23~25kernel%29._load%29%29" class="RktValLink" data-pltdoc="x">load</a></span> can differ.) The
|
||
|
|
<span class="RktVar">allow-read</span> argument is for backward compatibility, only; each
|
||
|
|
<span class="RktSym"><a href="Module_Names_and_Loading.html#%28def._%28%28quote._~23~25kernel%29._module-path~3f%29%29" class="RktValLink" data-pltdoc="x">module-path?</a></span> element of <span class="RktVar">allow-read</span> is effectively
|
||
|
|
moved to <span class="RktVar">allow-for-require</span>, while other elements are moved to
|
||
|
|
<span class="RktVar">allow-for-load</span>.</p><p><div class="SIntrapara">The sandboxed environment is well isolated, and the evaluator function
|
||
|
|
essentially sends it an expression and waits for a result. This form
|
||
|
|
of communication makes it impossible to have nested (or concurrent)
|
||
|
|
calls to a single evaluator. Usually this is not a problem, but in
|
||
|
|
some cases you can get the evaluator function available inside the
|
||
|
|
sandboxed code, for example:
|
||
|
|
</div><div class="SIntrapara"><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="stt">> </span><span class="RktPn">(</span><span class="RktSym"><a href="let.html#%28form._%28%28lib._racket%2Fprivate%2Fletstx-scheme..rkt%29._let%29%29" class="RktStxLink" data-pltdoc="x">let</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">[</span><span class="RktSym">e</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">racket/base</span><span class="RktPn">)</span><span class="RktPn">]</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym">e</span><span class="hspace"> </span><span class="RktVal">`</span><span class="RktVal">(</span><span class="RktRdr">,</span><span class="RktSym">e</span><span class="hspace"> </span><span class="RktVal">1</span><span class="RktVal">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr><tr><td><p><span class="RktErr">evaluator: nested evaluator call with: 1</span></p></td></tr></table></blockquote></div><div class="SIntrapara">An error will be signaled in such cases.</div></p><p>If the value of <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-propagate-exceptions%29%29" class="RktValLink" data-pltdoc="x">sandbox-propagate-exceptions</a></span> is true (the
|
||
|
|
default) when the sandbox is created, then exceptions (both syntax and
|
||
|
|
run-time) are propagated as usual to the caller of the evaluation
|
||
|
|
function (i.e., catch them with <span class="RktSym"><a href="exns.html#%28form._%28%28lib._racket%2Fprivate%2Fmore-scheme..rkt%29._with-handlers%29%29" class="RktStxLink" data-pltdoc="x">with-handlers</a></span>). See below
|
||
|
|
for a caveat about using raised exceptions directly. If the value
|
||
|
|
of <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-propagate-exceptions%29%29" class="RktValLink" data-pltdoc="x">sandbox-propagate-exceptions</a></span> is <span class="RktVal">#f</span> when the
|
||
|
|
sandbox is created, then uncaught exceptions in a sandbox evaluation
|
||
|
|
cause the error to be printed to the sandbox’s error port, and the
|
||
|
|
caller of the evaluation receives <a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=guide&rel=void_undefined.html&version=8.6" class="RktModLink Sq" data-pltdoc="x"><span class="nobreak"><span class="RktRes">#<void></span></span></a>.</p><p>Take care when using a value returned from a sandbox or raised as an
|
||
|
|
exception by a sandbox. The value might by an impersonator, or it
|
||
|
|
might be a structure whose structure type redirects equality
|
||
|
|
comparisons or printing operations. To safely handle an unknown value
|
||
|
|
produced by a sandbox, manipulate it within the sandbox, possibly
|
||
|
|
using <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-in-sandbox-context%29%29" class="RktValLink" data-pltdoc="x">call-in-sandbox-context</a></span>.</p><p>An evaluator can be used only by one thread at a time, and detected
|
||
|
|
concurrent use triggers an exception. Beware of using an evaluator in
|
||
|
|
a non-main thread, because the default value of
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-plumber%29%29" class="RktValLink" data-pltdoc="x">sandbox-make-plumber</a></span> registers a callback in the current
|
||
|
|
plumber to flush the evaluator’s plumber, and that means a flush of
|
||
|
|
the current plumber (such as when the Racket process is about to exit)
|
||
|
|
implies a use of the evaluator.</p><p class="SHistory">Changed in version 1.2 of package <span class="stt">sandbox-lib</span>: Added the <span class="RktPn">#:readers</span> and
|
||
|
|
<span class="RktPn">#:allow-syntactic-require</span> arguments.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._exn~3afail~3asandbox-terminated~3f))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3asandbox-terminated~3f%29%29" class="RktValDef RktValLink" data-pltdoc="x">exn:fail:sandbox-terminated?</a></span></span><span class="hspace"> </span><span class="RktVar">v</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">v</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span></td></tr><tr><td><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._exn~3afail~3asandbox-terminated-reason))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3asandbox-terminated-reason%29%29" class="RktValDef RktValLink" data-pltdoc="x">exn:fail:sandbox-terminated-reason</a></span></span><span class="hspace"> </span><span class="RktVar">exn</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="symbols.html#%28def._%28%28quote._~23~25kernel%29._symbol~3f%29%29" class="RktValLink" data-pltdoc="x">symbol?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">exn</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3asandbox-terminated~3f%29%29" class="RktValLink" data-pltdoc="x">exn:fail:sandbox-terminated?</a></span></td></tr></table></blockquote></div><div class="SIntrapara">A predicate and accessor for exceptions that are raised when a sandbox
|
||
|
|
is terminated. Once a sandbox raises such an exception, it will
|
||
|
|
continue to raise it on further evaluation attempts.</div></p><h5 x-source-module="(lib "scribblings/reference/reference.scrbl")" x-source-pkg="racket-doc" x-part-tag=""Security_Considerations"">14.12.1<tt> </tt><a name="(part._.Security_.Considerations)"></a>Security Considerations</h5><p>Although the sandbox is designed to provide a safe environment for executing
|
||
|
|
Racket programs with restricted access to system resources, executing untrusted
|
||
|
|
programs in a sandbox still carries some risk. Because a malicious program can
|
||
|
|
exercise arbitrary functionality from the Racket runtime and installed collections,
|
||
|
|
an attacker who identifies a vulnerability in Racket or an installed collection
|
||
|
|
may be able to escape the sandbox.</p><p><div class="SIntrapara">To mitigate this risk, programs that use the sandbox should employ additional
|
||
|
|
precautions when possible. Suggested measures include:
|
||
|
|
</div><div class="SIntrapara"><ul><li><p>Supplying a custom module language to <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span> or
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span> that gives untrusted code access to only
|
||
|
|
the language constructs it absolutely requires.</p></li><li><p>If untrusted code needs access to installed collections, installing only
|
||
|
|
the collections required by your program.</p></li><li><p>Using operating-system-level security features to provide defense-in-depth
|
||
|
|
in case the process running the sandbox is compromised.</p></li><li><p>Making sure your Racket installation and installed packages are up-to-date
|
||
|
|
with the latest release.</p></li></ul></div></p><h5 x-source-module="(lib "scribblings/reference/reference.scrbl")" x-source-pkg="racket-doc" x-part-tag=""Customizing_Evaluators"">14.12.2<tt> </tt><a name="(part._.Customizing_.Evaluators)"></a>Customizing Evaluators</h5><p>The sandboxed evaluators that <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span> creates can be
|
||
|
|
customized via many parameters. Most of the configuration parameters
|
||
|
|
affect newly created evaluators; changing them has no effect on
|
||
|
|
already-running evaluators.</p><p>The default configuration options are set for a very restricted
|
||
|
|
sandboxed environment —<wbr></wbr> one that is safe to make publicly available.
|
||
|
|
Further customizations might be needed in case more privileges are
|
||
|
|
needed, or if you want tighter restrictions. Another useful approach
|
||
|
|
for customizing an evaluator is to begin with a relatively
|
||
|
|
unrestricted configuration and add the desired restrictions. This approach is made
|
||
|
|
possible by the <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-trusted-sandbox-configuration%29%29" class="RktValLink" data-pltdoc="x">call-with-trusted-sandbox-configuration</a></span>
|
||
|
|
function.</p><p>The sandbox environment uses two notions of restricting the time that
|
||
|
|
evaluations takes: <a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> and <a href="Sandboxed_Evaluation.html#%28tech._deep._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">deep
|
||
|
|
time</span></a>. <a name="(tech._shallow._time)"></a><span style="font-style: italic">Shallow time</span> refers to the immediate execution of an
|
||
|
|
expression. For example, a <a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> limit of five seconds
|
||
|
|
would restrict <span class="RktPn">(</span><span class="RktSym"><a href="threads.html#%28def._%28%28quote._~23~25kernel%29._sleep%29%29" class="RktValLink" data-pltdoc="x">sleep</a></span><span class="stt"> </span><span class="RktVal">6</span><span class="RktPn">)</span> and other computations that take
|
||
|
|
longer than five seconds. <a name="(tech._deep._time)"></a><span style="font-style: italic">Deep time</span> refers to the total
|
||
|
|
execution of the expression and all threads and sub-processes that the
|
||
|
|
expression creates. For example, a <a href="Sandboxed_Evaluation.html#%28tech._deep._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">deep time</span></a> limit of five
|
||
|
|
seconds would restrict <span class="RktPn">(</span><span class="RktSym"><a href="threads.html#%28def._%28%28quote._~23~25kernel%29._thread%29%29" class="RktValLink" data-pltdoc="x">thread</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="lambda.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._~ce~bb%29%29" class="RktStxLink" data-pltdoc="x">λ</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktPn">)</span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="threads.html#%28def._%28%28quote._~23~25kernel%29._sleep%29%29" class="RktValLink" data-pltdoc="x">sleep</a></span><span class="stt"> </span><span class="RktVal">6</span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span>, which
|
||
|
|
<a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> would not, <span class="emph">as well as</span> all expressions that
|
||
|
|
<a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> would restrict. By default, most sandboxes only
|
||
|
|
restrict <a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> to facilitate expressions that use
|
||
|
|
threads.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._call-with-trusted-sandbox-configuration))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-trusted-sandbox-configuration%29%29" class="RktValDef RktValLink" data-pltdoc="x">call-with-trusted-sandbox-configuration</a></span></span><span class="hspace"> </span><span class="RktVar">thunk</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">thunk</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Invokes the <span class="RktVar">thunk</span> in a context where sandbox configuration
|
||
|
|
parameters are set for minimal restrictions. More specifically, there
|
||
|
|
are no memory or time limits, and the existing existing <a href="inspectors.html#%28tech._inspector%29" class="techoutside" data-pltdoc="x"><span class="techinside">inspectors</span></a>,
|
||
|
|
<a href="securityguards.html#%28tech._security._guard%29" class="techoutside" data-pltdoc="x"><span class="techinside">security guard</span></a>, <a href="Exiting.html#%28tech._exit._handler%29" class="techoutside" data-pltdoc="x"><span class="techinside">exit handler</span></a>, <a href="logging.html#%28tech._logger%29" class="techoutside" data-pltdoc="x"><span class="techinside">logger</span></a>, <a href="plumbers.html#%28tech._plumber%29" class="techoutside" data-pltdoc="x"><span class="techinside">plumber</span></a>, and
|
||
|
|
<a href="envvars.html#%28tech._environment._variable._set%29" class="techoutside" data-pltdoc="x"><span class="techinside">environment variable set</span></a> are used. (Note that the I/O
|
||
|
|
ports settings are not included.)</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-init-hook))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-init-hook%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-init-hook</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-init-hook%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-init-hook</a></span></span><span class="hspace"> </span><span class="RktVar">thunk</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">thunk</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines a thunk to be called for initializing a
|
||
|
|
new evaluator. The hook is called just before the program is
|
||
|
|
evaluated in a newly-created evaluator context. It can be used to
|
||
|
|
setup environment parameters related to reading, writing, evaluation,
|
||
|
|
and so on. Certain languages (<span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">special</span><span class="stt"> </span><span class="RktVal">r5rs</span><span class="RktVal">)</span> and the
|
||
|
|
teaching languages) have initializations specific to the language; the
|
||
|
|
hook is used after that initialization, so it can override settings.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-reader))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-reader%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-reader</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-reader%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-reader</a></span></span><span class="hspace"> </span><span class="RktVar">proc</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">proc</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that specifies a function that reads all expressions from
|
||
|
|
<span class="RktPn">(</span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._current-input-port%29%29" class="RktValLink" data-pltdoc="x">current-input-port</a></span><span class="RktPn">)</span>. The function is used to read program
|
||
|
|
source for an evaluator when a string, byte string, or port is
|
||
|
|
supplied. The reader function receives a value to be used as input
|
||
|
|
source (i.e., the first argument to <span class="RktSym"><a href="Reading.html#%28def._%28%28quote._~23~25kernel%29._read-syntax%29%29" class="RktValLink" data-pltdoc="x">read-syntax</a></span>), and it
|
||
|
|
should return a list of <a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax objects</span></a>. The default reader
|
||
|
|
calls <span class="RktSym"><a href="Reading.html#%28def._%28%28quote._~23~25kernel%29._read-syntax%29%29" class="RktValLink" data-pltdoc="x">read-syntax</a></span>, accumulating results in a list until it
|
||
|
|
receives <span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._eof%29%29" class="RktValLink" data-pltdoc="x">eof</a></span>.</div></p><p>Note that the reader function is usually called as is, but when it is
|
||
|
|
used to read the program input for <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span>,
|
||
|
|
<span class="RktSym"><a href="Reading.html#%28def._%28%28quote._~23~25kernel%29._read-accept-lang%29%29" class="RktValLink" data-pltdoc="x">read-accept-lang</a></span> and <span class="RktSym"><a href="Reading.html#%28def._%28%28quote._~23~25kernel%29._read-accept-reader%29%29" class="RktValLink" data-pltdoc="x">read-accept-reader</a></span> are set to
|
||
|
|
<span class="RktVal">#t</span>.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-input))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-input%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-input</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span></td></tr><tr><td><span class="hspace"> </span><span class="RktSym"><a href="strings.html#%28def._%28%28quote._~23~25kernel%29._string~3f%29%29" class="RktValLink" data-pltdoc="x">string?</a></span><span class="hspace"> </span><span class="RktSym"><a href="bytestrings.html#%28def._%28%28quote._~23~25kernel%29._bytes~3f%29%29" class="RktValLink" data-pltdoc="x">bytes?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._input-port~3f%29%29" class="RktValLink" data-pltdoc="x">input-port?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">pipe</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._input-port~3f%29%29" class="RktValLink" data-pltdoc="x">input-port?</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr></table></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-input%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-input</a></span></span><span class="hspace"> </span><span class="RktVar">in</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="argcontract"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">in</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">:</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span></td></tr><tr><td><span class="hspace"> </span><span class
|
||
|
|
setting for a newly created evaluator. It defaults to <span class="RktVal">#f</span>,
|
||
|
|
which creates an empty port. The following other values are allowed:</div></p><ul><li><p>a string or byte string, which is converted to a port using
|
||
|
|
<span class="RktSym"><a href="stringport.html#%28def._%28%28quote._~23~25kernel%29._open-input-string%29%29" class="RktValLink" data-pltdoc="x">open-input-string</a></span> or <span class="RktSym"><a href="stringport.html#%28def._%28%28quote._~23~25kernel%29._open-input-bytes%29%29" class="RktValLink" data-pltdoc="x">open-input-bytes</a></span>;</p></li><li><p>an input port;</p></li><li><p>the symbol <span class="RktVal">'</span><span class="RktVal">pipe</span>, which triggers the creation of a
|
||
|
|
pipe, where <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._put-input%29%29" class="RktValLink" data-pltdoc="x">put-input</a></span> can return the output end of the
|
||
|
|
pipe or write directly to it;</p></li><li><p>a thunk, which is called to obtain a port (e.g., using
|
||
|
|
<span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._current-input-port%29%29" class="RktValLink" data-pltdoc="x">current-input-port</a></span> means that the evaluator input is
|
||
|
|
the same as the calling context’s input).</p></li></ul><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-output))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-output%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-output</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span></td></tr><tr><td><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._output-port~3f%29%29" class="RktValLink" data-pltdoc="x">output-port?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">pipe</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">bytes</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">string</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._output-port~3f%29%29" class="RktValLink" data-pltdoc="x">output-port?</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr></table></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-output%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-output</a></span></span><span class="hspace"> </span><span class="RktVar">in</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="argcontract"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">in</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">:</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span></td></tr><tr><td><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._output-port~3f%29%29" cla
|
||
|
|
setting for a newly created evaluator. It defaults to <span class="RktVal">#f</span>,
|
||
|
|
which creates a port that discards all data. The following other
|
||
|
|
values are allowed:</div></p><ul><li><p>an output port, which is used as-is;</p></li><li><p>the symbol <span class="RktVal">'</span><span class="RktVal">bytes</span>, which causes <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-output%29%29" class="RktValLink" data-pltdoc="x">get-output</a></span> to
|
||
|
|
return the complete output as a byte string as long as the
|
||
|
|
evaluator has not yet terminated (so that the size of the bytes
|
||
|
|
can be charged to the evaluator);</p></li><li><p>the symbol <span class="RktVal">'</span><span class="RktVal">string</span>, which is similar to
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">bytes</span>, but makes <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-output%29%29" class="RktValLink" data-pltdoc="x">get-output</a></span> produce a
|
||
|
|
string;</p></li><li><p>the symbol <span class="RktVal">'</span><span class="RktVal">pipe</span>, which triggers the creation of a
|
||
|
|
pipe, where <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-output%29%29" class="RktValLink" data-pltdoc="x">get-output</a></span> returns the input end of the
|
||
|
|
pipe;</p></li><li><p>a thunk, which is called to obtain a port (e.g., using
|
||
|
|
<span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._current-output-port%29%29" class="RktValLink" data-pltdoc="x">current-output-port</a></span> means that the evaluator output is
|
||
|
|
not diverted).</p></li></ul><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-error-output))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-error-output%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-error-output</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span></td></tr><tr><td><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._output-port~3f%29%29" class="RktValLink" data-pltdoc="x">output-port?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">pipe</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">bytes</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">string</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._output-port~3f%29%29" class="RktValLink" data-pltdoc="x">output-port?</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr></table></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-error-output%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-error-output</a></span></span><span class="hspace"> </span><span class="RktVar">in</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="argcontract"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">in</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">:</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span></td></tr><tr><td><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._output-port~3f%29%29" class=
|
||
|
|
<span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._current-error-port%29%29" class="RktValLink" data-pltdoc="x">current-error-port</a></span> value. An evaluator’s error output is set
|
||
|
|
after its output, so using <span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._current-output-port%29%29" class="RktValLink" data-pltdoc="x">current-output-port</a></span> (the parameter
|
||
|
|
itself, not its value) for this parameter value means that the error
|
||
|
|
port is the same as the evaluator’s initial output port.</div></p><p>The default is <span class="RktPn">(</span><span class="RktSym"><a href="lambda.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._lambda%29%29" class="RktStxLink" data-pltdoc="x">lambda</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktPn">)</span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="port-lib.html#%28def._%28%28lib._racket%2Fport..rkt%29._dup-output-port%29%29" class="RktValLink" data-pltdoc="x">dup-output-port</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._current-error-port%29%29" class="RktValLink" data-pltdoc="x">current-error-port</a></span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span>, which means that the error output of the
|
||
|
|
generated evaluator goes to the calling context’s error port.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-coverage-enabled))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-coverage-enabled%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-coverage-enabled</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-coverage-enabled%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-coverage-enabled</a></span></span><span class="hspace"> </span><span class="RktVar">enabled?</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">enabled?</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that controls whether syntactic coverage information is
|
||
|
|
collected by sandbox evaluators. Use
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-uncovered-expressions%29%29" class="RktValLink" data-pltdoc="x">get-uncovered-expressions</a></span> to retrieve coverage information.</div></p><p>The default value is <span class="RktVal">#f</span>.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-propagate-breaks))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-propagate-breaks%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-propagate-breaks</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-propagate-breaks%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-propagate-breaks</a></span></span><span class="hspace"> </span><span class="RktVar">propagate?</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">propagate?</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span></td></tr></table></blockquote></div><div class="SIntrapara">When both this boolean parameter and <span class="RktPn">(</span><span class="RktSym"><a href="breakhandler.html#%28def._%28%28quote._~23~25kernel%29._break-enabled%29%29" class="RktValLink" data-pltdoc="x">break-enabled</a></span><span class="RktPn">)</span> are true,
|
||
|
|
breaking while an evaluator is
|
||
|
|
running propagates the break signal to the sandboxed
|
||
|
|
context. This makes the sandboxed evaluator break, typically, but
|
||
|
|
beware that sandboxed evaluation can capture and avoid the breaks (so
|
||
|
|
if safe execution of code is your goal, make sure you use it with a
|
||
|
|
time limit). Also, beware that a break may be received after the
|
||
|
|
evaluator’s result, in which case the evaluation result is lost. Finally,
|
||
|
|
beware that a break may be propagated after an evaluator has produced
|
||
|
|
a result, so that the break is visible on the next interaction with
|
||
|
|
the evaluator (or the break is lost if the evaluator is not used
|
||
|
|
further). The default is <span class="RktVal">#t</span>.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-propagate-exceptions))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-propagate-exceptions%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-propagate-exceptions</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-propagate-exceptions%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-propagate-exceptions</a></span></span><span class="hspace"> </span><span class="RktVar">propagate?</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">propagate?</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that controls how uncaught exceptions during a sandbox
|
||
|
|
evaluation are treated. When the parameter value is <span class="RktVal">#t</span>,
|
||
|
|
then the exception is propagated to the caller of sandbox.
|
||
|
|
When the parameter value is <span class="RktVal">#f</span>, the exception message
|
||
|
|
is printed to the sandbox’s error port, and the caller of the
|
||
|
|
sandbox receives <a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=guide&rel=void_undefined.html&version=8.6" class="RktModLink Sq" data-pltdoc="x"><span class="nobreak"><span class="RktRes">#<void></span></span></a> for the evaluation. The default
|
||
|
|
is <span class="RktVal">#t</span>.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-namespace-specs))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-namespace-specs%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-namespace-specs</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._cons%2Fc%29%29" class="RktValLink" data-pltdoc="x">cons/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="Namespaces.html#%28def._%28%28quote._~23~25kernel%29._namespace~3f%29%29" class="RktValLink" data-pltdoc="x">namespace?</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._listof%29%29" class="RktValLink" data-pltdoc="x">listof</a></span><span class="hspace"> </span><span class="RktSym"><a href="Module_Names_and_Loading.html#%28def._%28%28quote._~23~25kernel%29._module-path~3f%29%29" class="RktValLink" data-pltdoc="x">module-path?</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr></table></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-namespace-specs%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-namespace-specs</a></span></span><span class="hspace"> </span><span class="RktVar">spec</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="argcontract"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">spec</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">:</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._cons%2Fc%29%29" class="RktValLink" data-pltdoc="x">cons/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="Namespaces.html#%28def._%28%28quote._~23~25kernel%29._namespace~3f%29%29" class="RktValLink" data-pltdoc="x">namespace?</a></span><span
|
||
|
|
namespace for evaluation in <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span> or
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span>. The first item in the list is a thunk
|
||
|
|
that creates the namespace, and the rest are module paths for modules
|
||
|
|
to be attached to the created namespace using
|
||
|
|
<span class="RktSym"><a href="Namespaces.html#%28def._%28%28quote._~23~25kernel%29._namespace-attach-module%29%29" class="RktValLink" data-pltdoc="x">namespace-attach-module</a></span>.</div></p><p>The default is <span class="RktPn">(</span><span class="RktSym"><a href="pairs.html#%28def._%28%28quote._~23~25kernel%29._list%29%29" class="RktValLink" data-pltdoc="x">list</a></span><span class="stt"> </span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-namespace%29%29" class="RktValLink" data-pltdoc="x">sandbox-make-namespace</a></span><span class="RktPn">)</span>.</p><p>The module paths are needed for sharing module instantiations between
|
||
|
|
the sandbox and the caller. For example, sandbox code that returns
|
||
|
|
<span class="RktSym">posn</span> values (from the <span class="RktSym">lang/posn</span> module) will
|
||
|
|
not be recognized as such by your own code by default, since the
|
||
|
|
sandbox will have its own instance of <span class="RktSym">lang/posn</span> and
|
||
|
|
thus its own struct type for <span class="RktSym">posn</span>s. To be able to use such
|
||
|
|
values, include <span class="RktVal">'</span><span class="RktVal">lang/posn</span> in the list of module paths.</p><p>When testing code that uses a teaching language, the following piece
|
||
|
|
of code can be helpful:</p><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-namespace-specs%29%29" class="RktValLink" data-pltdoc="x">sandbox-namespace-specs</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="let.html#%28form._%28%28lib._racket%2Fprivate%2Fletstx-scheme..rkt%29._let%29%29" class="RktStxLink" data-pltdoc="x">let</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">[</span><span class="RktSym">specs</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-namespace-specs%29%29" class="RktValLink" data-pltdoc="x">sandbox-namespace-specs</a></span><span class="RktPn">)</span><span class="RktPn">]</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">`</span><span class="RktVal">(</span><span class="RktRdr">,</span><span class="RktPn">(</span><span class="RktSym"><a href="pairs.html#%28def._%28%28quote._~23~25kernel%29._car%29%29" class="RktValLink" data-pltdoc="x">car</a></span><span class="hspace"> </span><span class="RktSym">specs</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktRdr">,@</span><span class="RktPn">(</span><span class="RktSym"><a href="pairs.html#%28def._%28%28quote._~23~25kernel%29._cdr%29%29" class="RktValLink" data-pltdoc="x">cdr</a></span><span class="hspace"> </span><span class="RktSym">specs</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">lang/posn</span></td></tr><tr><td><span class="hspace"> </span><span class="RktRdr">,@</span><span class="RktPn">(</span><span class="RktSym"><a href="if.html#%28form._%28%28quote._~23~25kernel%29._if%29%29" class="RktStxLink" data-pltdoc="x">if</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=gui&rel=Dynamic_Loading.html%23%2528def._%2528%2528lib._racket%252Fgui%252Fdynamic..rkt%2529._gui-available%7E3f%2529%2529&version=8.6" class="RktValLink Sq" data-pltdoc="x">gui-available?</a></span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">mrlib/cache-image-snip</span><span class="RktVal">)</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">)</span><span class="RktPn">)</span><span class="RktVal">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></blockquote><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-make-namespace))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-namespace%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-namespace</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="Namespaces.html#%28def._%28%28quote._~23~25kernel%29._namespace~3f%29%29" class="RktValLink" data-pltdoc="x">namespace?</a></span></p></blockquote></td></tr></table></blockquote></div><div class="SIntrapar
|
||
|
|
produces true, <span class="RktSym"><a href="Namespaces.html#%28def._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._make-base-namespace%29%29" class="RktValLink" data-pltdoc="x">make-base-namespace</a></span> otherwise.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-gui-available))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-gui-available%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-gui-available</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-gui-available%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-gui-available</a></span></span><span class="hspace"> </span><span class="RktVar">avail?</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">avail?</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span></td></tr></table></blockquote></div><div class="SIntrapara">Determines whether the <a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=gui&rel=index.html&version=8.6" class="RktModLink Sq" data-pltdoc="x"><span class="RktSym">racket/gui</span></a> module can be used
|
||
|
|
when a sandbox evaluator is created. If <span class="RktSym"><a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=gui&rel=Dynamic_Loading.html%23%2528def._%2528%2528lib._racket%252Fgui%252Fdynamic..rkt%2529._gui-available%7E3f%2529%2529&version=8.6" class="RktValLink Sq" data-pltdoc="x">gui-available?</a></span>
|
||
|
|
produces <span class="RktVal">#f</span> during the creation of a sandbox evaluator, this
|
||
|
|
parameter is forced to <span class="RktVal">#f</span> during initialization of the
|
||
|
|
sandbox. The default value of the parameter is <span class="RktVal">#t</span>.</div></p><p>Various aspects of the library change when the GUI library is
|
||
|
|
available, such as using a new eventspace for each evaluator.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-override-collection-paths))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-override-collection-paths%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-override-collection-paths</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._listof%29%29" class="RktValLink" data-pltdoc="x">listof</a></span><span class="hspace"> </span><span class="RktSym"><a href="Manipulating_Paths.html#%28def._%28%28lib._racket%2Fprivate%2Fmisc..rkt%29._path-string~3f%29%29" class="RktValLink" data-pltdoc="x">path-string?</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-override-collection-paths%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-override-collection-paths</a></span></span><span class="hspace"> </span><span class="RktVar">paths</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">paths</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._listof%29%29" class="RktValLink" data-pltdoc="x">listof</a></span><span class="hspace"> </span><span class="RktSym"><a href="Manipulating_Paths.html#%28def._%28%28lib._racket%2Fprivate%2Fmisc..rkt%29._path-string~3f%29%29" class="RktValLink" data-pltdoc="x">path-string?</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines a list of collection directories to prefix
|
||
|
|
<span class="RktSym"><a href="collects.html#%28def._%28%28quote._~23~25kernel%29._current-library-collection-paths%29%29" class="RktValLink" data-pltdoc="x">current-library-collection-paths</a></span> in an evaluator. This
|
||
|
|
parameter is useful for cases when you want to test code using an
|
||
|
|
alternate, test-friendly version of a collection, for example, testing
|
||
|
|
code that uses a GUI (like the <span class="RktSym">htdp/world</span> teachpack) can be
|
||
|
|
done using a fake library that provides the same interface but no
|
||
|
|
actual interaction. The default is <span class="RktSym"><a href="pairs.html#%28def._%28%28quote._~23~25kernel%29._null%29%29" class="RktValLink" data-pltdoc="x">null</a></span>.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-security-guard))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-security-guard%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-security-guard</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="securityguards.html#%28def._%28%28quote._~23~25kernel%29._security-guard~3f%29%29" class="RktValLink" data-pltdoc="x">security-guard?</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="securityguards.html#%28def._%28%28quote._~23~25kernel%29._security-guard~3f%29%29" class="RktValLink" data-pltdoc="x">security-guard?</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-security-guard%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-security-guard</a></span></span><span class="hspace"> </span><span class="RktVar">guard</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">guard</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="securityguards.html#%28def._%28%28quote._~23~25kernel%29._security-guard~3f%29%29" class="RktValLink" data-pltdoc="x">security-guard?</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="securityguards.html#%28def._%28%28quote._~23~25kernel%29._security-guard~3f%29%29" class="RktValLink" data-pltdoc="x">security-guard?</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the initial
|
||
|
|
<span class="RktPn">(</span><span class="RktSym"><a href="securityguards.html#%28def._%28%28quote._~23~25kernel%29._current-security-guard%29%29" class="RktValLink" data-pltdoc="x">current-security-guard</a></span><span class="RktPn">)</span> for sandboxed evaluations. It can
|
||
|
|
be either a security guard, or a function to construct one. The
|
||
|
|
default is a function that restricts the access of the current
|
||
|
|
security guard by forbidding all filesystem I/O except for
|
||
|
|
specifications in <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-path-permissions%29%29" class="RktValLink" data-pltdoc="x">sandbox-path-permissions</a></span>, and it uses
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-network-guard%29%29" class="RktValLink" data-pltdoc="x">sandbox-network-guard</a></span> for network connections.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-path-permissions))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-path-permissions%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-path-permissions</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="prototype"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._listof%29%29" class="RktValLink" data-pltdoc="x">listof</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._list%2Fc%29%29" class="RktValLink" data-pltdoc="x">list/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">execute</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">write</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">delete</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">read-bytecode</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">read</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">exists</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="regexp.html#%28def._%28%28quote._~23~25kernel%29._byte-regexp~3f%29%29" class="RktValLink" data-pltdoc="x">byte-regexp?</a></span><span class="hspace"> </span><span class="RktSym"><a href="bytestrings.html#%28def._%28%28quote._~23~25kernel%29._bytes~3f%29%29" class="RktValLink" data-pltdoc="x">bytes?</a></span><span class="hspace"> </span><span class="RktSym"><a href="strings.html#%28def._%28%28quote._~23~25kernel%29._string~3f%29%29" class="RktValLink" data-pltdoc="x">string?</a></span><span class="hspace"> </span><span class="RktSym"><a href="Manipulating_Paths.html#%28def._%28%28quote._~23~25kernel%29._path~3f%29%29" class="RktValLink" data-pltdoc="x">path?</a></span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></td></tr></table></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandb
|
||
|
|
security guard by listing paths and access modes that are allowed for
|
||
|
|
them. The contents of this parameter is a list of specifications,
|
||
|
|
each is an access mode and a byte-regexp for paths that are granted this
|
||
|
|
access.</div></p><p>The access mode symbol is one of: <span class="RktVal">'</span><span class="RktVal">execute</span>, <span class="RktVal">'</span><span class="RktVal">write</span>,
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">delete</span>, <span class="RktVal">'</span><span class="RktVal">read</span>, or <span class="RktVal">'</span><span class="RktVal">exists</span>. These symbols
|
||
|
|
are in decreasing order: each implies access for the following modes
|
||
|
|
too (e.g., <span class="RktVal">'</span><span class="RktVal">read</span> allows reading or checking for existence).</p><p>The path regexp is used to identify paths that are granted access. It
|
||
|
|
can also be given as a path (or a string or a byte string), which is
|
||
|
|
(made into a complete path, cleansed, simplified, and then) converted
|
||
|
|
to a regexp that allows the path and sub-directories; e.g.,
|
||
|
|
<span class="RktVal">"/foo/bar"</span> applies to <span class="RktVal">"/foo/bar/baz"</span>.</p><p>An additional mode symbol, <span class="RktVal">'</span><span class="RktVal">read-bytecode</span>, is not part of the
|
||
|
|
linear order of these modes. Specifying this mode is similar to
|
||
|
|
specifying <span class="RktVal">'</span><span class="RktVal">read</span>, but it is not implied by any other mode.
|
||
|
|
(For example, even if you specify <span class="RktVal">'</span><span class="RktVal">write</span> for a certain path,
|
||
|
|
you need to also specify <span class="RktVal">'</span><span class="RktVal">read-bytecode</span> to grant this
|
||
|
|
permission.) The sandbox usually works in the context of a lower code
|
||
|
|
inspector (see <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-code-inspector%29%29" class="RktValLink" data-pltdoc="x">sandbox-make-code-inspector</a></span>) which prevents
|
||
|
|
loading of untrusted bytecode files —<wbr></wbr> the sandbox is set-up to allow
|
||
|
|
loading bytecode from files that are specified with
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">read-bytecode</span>. This specification is given by default to
|
||
|
|
the Racket collection hierarchy (including user-specific libraries) and
|
||
|
|
to libraries that are explicitly specified in an <span class="RktPn">#:allow-read</span>
|
||
|
|
argument. (Note that this applies for loading bytecode files only,
|
||
|
|
under a lower code inspector it is still impossible to use protected
|
||
|
|
module bindings (see <a href="modprotect.html" data-pltdoc="x">Code Inspectors</a>).)</p><p>The default value is null, but when an evaluator is created, it is
|
||
|
|
augmented by <span class="RktVal">'</span><span class="RktVal">read-bytecode</span> permissions that make it possible
|
||
|
|
to use collection libraries (including
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-override-collection-paths%29%29" class="RktValLink" data-pltdoc="x">sandbox-override-collection-paths</a></span>). See
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span> for more information.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-network-guard))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-network-guard%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-network-guard</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="prototype"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="symbols.html#%28def._%28%28quote._~23~25kernel%29._symbol~3f%29%29" class="RktValLink" data-pltdoc="x">symbol?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._and%2Fc%29%29" class="RktValLink" data-pltdoc="x">and/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="strings.html#%28def._%28%28quote._~23~25kernel%29._string~3f%29%29" class="RktValLink" data-pltdoc="x">string?</a></span><span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._immutable~3f%29%29" class="RktValLink" data-pltdoc="x">immutable?</a></span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._integer-in%29%29" class="RktValLink" data-pltdoc="x">integer-in</a></span><span class="hspace"> </span><span class="RktVal">1</span><span class="hspace"> </span><span class="RktVal">65535</span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">server</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">client</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2F
|
||
|
|
default <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-security-guard%29%29" class="RktValLink" data-pltdoc="x">sandbox-security-guard</a></span>. The default forbids all
|
||
|
|
network connection.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-exit-handler))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-exit-handler%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-exit-handler</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-exit-handler%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-exit-handler</a></span></span><span class="hspace"> </span><span class="RktVar">handler</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">handler</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the initial <span class="RktPn">(</span><span class="RktSym"><a href="Exiting.html#%28def._%28%28quote._~23~25kernel%29._exit-handler%29%29" class="RktValLink" data-pltdoc="x">exit-handler</a></span><span class="RktPn">)</span> for
|
||
|
|
sandboxed evaluations. The default kills the evaluator with an
|
||
|
|
appropriate error message (see
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3asandbox-terminated-reason%29%29" class="RktValLink" data-pltdoc="x">exn:fail:sandbox-terminated-reason</a></span>).</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-memory-limit))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-memory-limit%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-memory-limit</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._~3e~3d%2Fc%29%29" class="RktValLink" data-pltdoc="x">>=/c</a></span><span class="hspace"> </span><span class="RktVal">0</span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-memory-limit%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-memory-limit</a></span></span><span class="hspace"> </span><span class="RktVar">limit</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">limit</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._~3e~3d%2Fc%29%29" class="RktValLink" data-pltdoc="x">>=/c</a></span><span class="hspace"> </span><span class="RktVal">0</span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the total memory limit on the sandbox in
|
||
|
|
megabytes (it can hold a rational or a floating point number). When
|
||
|
|
this limit is exceeded, the sandbox is terminated. This value is used
|
||
|
|
when the sandbox is created and the limit cannot be changed
|
||
|
|
afterwards. It defaults to 30mb. See <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span>
|
||
|
|
for per-evaluation limits and a description of how the two limits work
|
||
|
|
together.</div></p><p>Note that (when memory accounting is enabled) memory is attributed to
|
||
|
|
the highest custodian that refers to it. This means that if you
|
||
|
|
inspect a value that sandboxed evaluation returns outside of the
|
||
|
|
sandbox, your own custodian will be charged for it. To ensure that it
|
||
|
|
is charged back to the sandbox, you should remove references to such
|
||
|
|
values when the code is done inspecting it.</p><p><div class="SIntrapara">This policy has an impact on how the sandbox memory limit interacts
|
||
|
|
with the per-expression limit specified by
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span>: values that are reachable from the
|
||
|
|
sandbox, as well as from the interaction will count against the
|
||
|
|
sandbox limit. For example, in the last interaction of this code,
|
||
|
|
</div><div class="SIntrapara"><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="define.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._define%29%29" class="RktStxLink" data-pltdoc="x">define</a></span><span class="hspace"> </span><span class="RktSym">e</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">racket/base</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr><tr><td><span class="RktPn">(</span><span class="RktSym">e</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">define</span><span class="hspace"> </span><span class="RktVal">a</span><span class="hspace"> </span><span class="RktVal">1</span><span class="RktVal">)</span><span class="RktPn">)</span></td></tr><tr><td><span class="RktPn">(</span><span class="RktSym">e</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">for</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">[</span><span class="RktVal">i</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">in-range</span><span class="hspace"> </span><span class="RktVal">20</span><span class="RktVal">)</span><span class="RktVal">]</span><span class="RktVal">)</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">set!</span><span class="hspace"> </span><span class="RktVal">a</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">cons</span><span class="hspace"> </span><span class="RktVal">(</span><span class="RktVal">make-bytes</span><span class="hspace"> </span><span class="RktVal">500000</span><span class="RktVal">)</span><span class="hspace"> </span><span class="RktVal">a</span><span class="RktVal">)</span><span class="RktVal">)</span><span class="RktVal">)</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">the memory blocks are allocated within the interaction limit, but
|
||
|
|
since they’re chained to the defined variable, they’re also reachable
|
||
|
|
from the sandbox —<wbr></wbr> so they will count against the sandbox memory
|
||
|
|
limit but not against the interaction limit (more precisely, no more
|
||
|
|
than one block counts against the interaction limit).</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-eval-limits))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._list%2Fc%29%29" class="RktValLink" data-pltdoc="x">list/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._~3e~3d%2Fc%29%29" class="RktValLink" data-pltdoc="x">>=/c</a></span><span class="hspace"> </span><span class="RktVal">0</span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._~3e~3d%2Fc%29%29" class="RktValLink" data-pltdoc="x">>=/c</a></span><span class="hspace"> </span><span class="RktVal">0</span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr></table></td></tr></table></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span></span><span class="hspace"> </span><span class="RktVar">limits</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="argcontract"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">limits</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">:</
|
||
|
|
use of a <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span> function, including the initial
|
||
|
|
evaluation of the input program. Its value should be a list of two
|
||
|
|
numbers; where the first is a <a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> value in seconds,
|
||
|
|
and the second is a memory limit in megabytes (note that they don’t
|
||
|
|
have to be integers). Either one can be <span class="RktVal">#f</span> for disabling the
|
||
|
|
corresponding limit; alternately, the parameter can be set to
|
||
|
|
<span class="RktVal">#f</span> to disable all per-evaluation limits (useful in case more
|
||
|
|
limit kinds are available in future versions). The default is
|
||
|
|
<span class="RktPn">(</span><span class="RktSym"><a href="pairs.html#%28def._%28%28quote._~23~25kernel%29._list%29%29" class="RktValLink" data-pltdoc="x">list</a></span><span class="stt"> </span><span class="RktVal">30</span><span class="stt"> </span><span class="RktVal">20</span><span class="RktPn">)</span>.</div></p><p><div class="SIntrapara">Note that these limits apply to the creation of the sandbox
|
||
|
|
environment too —<wbr></wbr> even <span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span><span class="stt"> </span><span class="RktVal">'</span><span class="RktVal">racket/base</span><span class="RktPn">)</span> can
|
||
|
|
fail if the limits are strict enough. For example,
|
||
|
|
</div><div class="SIntrapara"><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="parameters.html#%28form._%28%28lib._racket%2Fprivate%2Fmore-scheme..rkt%29._parameterize%29%29" class="RktStxLink" data-pltdoc="x">parameterize</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">[</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">0.25</span><span class="hspace"> </span><span class="RktVal">5</span><span class="RktVal">)</span><span class="RktPn">]</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-evaluator</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">racket/base</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">sleep</span><span class="hspace"> </span><span class="RktVal">2</span><span class="RktVal">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">will throw an error instead of creating an evaluator. Therefore, to
|
||
|
|
avoid surprises you need to catch errors that happen when the sandbox
|
||
|
|
is created.</div></p><p>When limits are set, <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span> (see below) is wrapped
|
||
|
|
around each use of the evaluator, so consuming too much time or memory
|
||
|
|
results in an exception. Change the limits of a running evaluator
|
||
|
|
using <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._set-eval-limits%29%29" class="RktValLink" data-pltdoc="x">set-eval-limits</a></span>.</p><blockquote class="refpara"><blockquote class="refcolumn"><blockquote class="refcontent"><p>A custodian’s limit is checked only after a garbage
|
||
|
|
collection, except that it may also be checked during
|
||
|
|
certain large allocations that are individually larger
|
||
|
|
than the custodian’s limit.</p></blockquote></blockquote></blockquote><p><div class="SIntrapara">The memory limit that is specified by this parameter applies to each
|
||
|
|
individual evaluation, but not to the whole sandbox —<wbr></wbr> that limit is
|
||
|
|
specified via <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-memory-limit%29%29" class="RktValLink" data-pltdoc="x">sandbox-memory-limit</a></span>. When the global limit is
|
||
|
|
exceeded, the sandbox is terminated, but when the per-evaluation limit
|
||
|
|
is exceeded, an exception recognizable by <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3aresource~3f%29%29" class="RktValLink" data-pltdoc="x">exn:fail:resource?</a></span> is raised. For example, say that
|
||
|
|
you evaluate an expression like
|
||
|
|
</div><div class="SIntrapara"><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="for.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._for%29%29" class="RktStxLink" data-pltdoc="x">for</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">[</span><span class="RktSym">i</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="sequences.html#%28def._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._in-range%29%29" class="RktValLink" data-pltdoc="x">in-range</a></span><span class="hspace"> </span><span class="RktVal">1000</span><span class="RktPn">)</span><span class="RktPn">]</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="set_.html#%28form._%28%28quote._~23~25kernel%29._set%21%29%29" class="RktStxLink" data-pltdoc="x">set!</a></span><span class="hspace"> </span><span class="RktSym">a</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="pairs.html#%28def._%28%28quote._~23~25kernel%29._cons%29%29" class="RktValLink" data-pltdoc="x">cons</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="bytestrings.html#%28def._%28%28quote._~23~25kernel%29._make-bytes%29%29" class="RktValLink" data-pltdoc="x">make-bytes</a></span><span class="hspace"> </span><span class="RktVal">1000000</span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktSym">a</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="garbagecollection.html#%28def._%28%28quote._~23~25kernel%29._collect-garbage%29%29" class="RktValLink" data-pltdoc="x">collect-garbage</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">then, assuming sufficiently small limits,
|
||
|
|
</div><div class="SIntrapara"><ul><li><p>if a global limit is set but no per-evaluation limit, the
|
||
|
|
sandbox will eventually be terminated and no further
|
||
|
|
evaluations possible;</p></li><li><p>if there is a per-evaluation limit, but no global limit, the
|
||
|
|
evaluation will abort with an error and it can be used again
|
||
|
|
—<wbr></wbr> specifically, <span class="RktSym">a</span> will still hold a number of
|
||
|
|
blocks, and you can evaluate the same expression again which
|
||
|
|
will add more blocks to it;</p></li><li><p>if both limits are set, with the global one larger than the
|
||
|
|
per-evaluation limit, then the evaluation will abort and you
|
||
|
|
will be able to repeat it, but doing so several times will
|
||
|
|
eventually terminate the sandbox (this will be indicated by
|
||
|
|
the error message, and by the <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._evaluator-alive~3f%29%29" class="RktValLink" data-pltdoc="x">evaluator-alive?</a></span>
|
||
|
|
predicate).</p></li></ul></div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-eval-handlers))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-handlers%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-eval-handlers</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><table cellspacing="0" cellpadding="0" class="prototype"><tr><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._list%2Fc%29%29" class="RktValLink" data-pltdoc="x">list/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><spa
|
||
|
|
sandboxed evaluations. The first one is used when evaluating the
|
||
|
|
initial program when the sandbox is being set-up, and the second is
|
||
|
|
used for each interaction. Each of these handlers should expect a
|
||
|
|
thunk as an argument, and they should execute these thunks —<wbr></wbr>
|
||
|
|
possibly imposing further restrictions. The default values are
|
||
|
|
<span class="RktVal">#f</span> and <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-custodian-shutdown%29%29" class="RktValLink" data-pltdoc="x">call-with-custodian-shutdown</a></span>, meaning no
|
||
|
|
additional restrictions on initial sandbox code (e.g., it can start
|
||
|
|
background threads), and a custodian-shutdown around each interaction
|
||
|
|
that follows. Another useful function for this is
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-killing-threads%29%29" class="RktValLink" data-pltdoc="x">call-with-killing-threads</a></span> which kills all threads, but leaves
|
||
|
|
other resources intact.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-run-submodules))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-run-submodules%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-run-submodules</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._list%2Fc%29%29" class="RktValLink" data-pltdoc="x">list/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="symbols.html#%28def._%28%28quote._~23~25kernel%29._symbol~3f%29%29" class="RktValLink" data-pltdoc="x">symbol?</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-run-submodules%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-run-submodules</a></span></span><span class="hspace"> </span><span class="RktVar">submod-syms</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">submod-syms</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._list%2Fc%29%29" class="RktValLink" data-pltdoc="x">list/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="symbols.html#%28def._%28%28quote._~23~25kernel%29._symbol~3f%29%29" class="RktValLink" data-pltdoc="x">symbol?</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines submodules to run when a sandbox is
|
||
|
|
created by <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._make-module-evaluator%29%29" class="RktValLink" data-pltdoc="x">make-module-evaluator</a></span>. The parameter’s default
|
||
|
|
value is the empty list.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-make-inspector))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-inspector%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-inspector</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="inspectors.html#%28def._%28%28quote._~23~25kernel%29._inspector~3f%29%29" class="RktValLink" data-pltdoc="x">inspector?</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-inspector%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-inspector</a></span></span><span class="hspace"> </span><span class="RktVar">make</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">make</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="inspectors.html#%28def._%28%28quote._~23~25kernel%29._inspector~3f%29%29" class="RktValLink" data-pltdoc="x">inspector?</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the (nullary) procedure that is used to
|
||
|
|
create the inspector for sandboxed evaluation. The procedure is called
|
||
|
|
when initializing an evaluator. The default parameter value is
|
||
|
|
<span class="RktPn">(</span><span class="RktSym"><a href="lambda.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._lambda%29%29" class="RktStxLink" data-pltdoc="x">lambda</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktPn">)</span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="inspectors.html#%28def._%28%28quote._~23~25kernel%29._make-inspector%29%29" class="RktValLink" data-pltdoc="x">make-inspector</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="inspectors.html#%28def._%28%28quote._~23~25kernel%29._current-inspector%29%29" class="RktValLink" data-pltdoc="x">current-inspector</a></span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span>.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-make-code-inspector))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-code-inspector%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-code-inspector</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="inspectors.html#%28def._%28%28quote._~23~25kernel%29._inspector~3f%29%29" class="RktValLink" data-pltdoc="x">inspector?</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-code-inspector%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-code-inspector</a></span></span><span class="hspace"> </span><span class="RktVar">make</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">make</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="inspectors.html#%28def._%28%28quote._~23~25kernel%29._inspector~3f%29%29" class="RktValLink" data-pltdoc="x">inspector?</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the (nullary) procedure that is used to
|
||
|
|
create the code inspector for sandboxed evaluation. The procedure is
|
||
|
|
called when initializing an evaluator. The default parameter value is
|
||
|
|
<span class="RktPn">(</span><span class="RktSym"><a href="lambda.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._lambda%29%29" class="RktStxLink" data-pltdoc="x">lambda</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktPn">)</span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="inspectors.html#%28def._%28%28quote._~23~25kernel%29._make-inspector%29%29" class="RktValLink" data-pltdoc="x">make-inspector</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="modprotect.html#%28def._%28%28quote._~23~25kernel%29._current-code-inspector%29%29" class="RktValLink" data-pltdoc="x">current-code-inspector</a></span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span>.</div></p><p>The <span class="RktSym"><a href="eval.html#%28def._%28%28quote._~23~25kernel%29._current-load%2Fuse-compiled%29%29" class="RktValLink" data-pltdoc="x">current-load/use-compiled</a></span> handler is setup to allow loading
|
||
|
|
of bytecode files under the original code inspector when
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-path-permissions%29%29" class="RktValLink" data-pltdoc="x">sandbox-path-permissions</a></span> allows it through a
|
||
|
|
<span class="RktVal">'</span><span class="RktVal">read-bytecode</span> mode symbol, which makes loading libraries
|
||
|
|
possible.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-make-logger))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-logger%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-logger</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="logging.html#%28def._%28%28quote._~23~25kernel%29._logger~3f%29%29" class="RktValLink" data-pltdoc="x">logger?</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-logger%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-logger</a></span></span><span class="hspace"> </span><span class="RktVar">make</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">make</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="logging.html#%28def._%28%28quote._~23~25kernel%29._logger~3f%29%29" class="RktValLink" data-pltdoc="x">logger?</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the procedure used to create the logger
|
||
|
|
for sandboxed evaluation. The procedure is called when initializing
|
||
|
|
an evaluator, and the default parameter value is
|
||
|
|
<span class="RktSym"><a href="logging.html#%28def._%28%28quote._~23~25kernel%29._current-logger%29%29" class="RktValLink" data-pltdoc="x">current-logger</a></span>. This means that it is not creating a new
|
||
|
|
logger (this might change in the future).</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-make-plumber))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-plumber%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-plumber</a></span></span><span class="RktPn"></span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="plumbers.html#%28def._%28%28quote._~23~25kernel%29._plumber~3f%29%29" class="RktValLink" data-pltdoc="x">plumber?</a></span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">propagate</span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-plumber%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-plumber</a></span></span><span class="hspace"> </span><span class="RktVar">make</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">make</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="plumbers.html#%28def._%28%28quote._~23~25kernel%29._plumber~3f%29%29" class="RktValLink" data-pltdoc="x">plumber?</a></span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">propagate</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the procedure used to create the
|
||
|
|
plumber for sandboxed evaluation. The procedure is called when
|
||
|
|
initializing an evaluator.</div></p><p>If the value is <span class="RktVal">'</span><span class="RktVal">propagate</span> (the default), then a new plumber
|
||
|
|
is created, and a <a href="plumbers.html#%28tech._flush._callback%29" class="techoutside" data-pltdoc="x"><span class="techinside">flush callback</span></a> is added to the current
|
||
|
|
plumber to propagate the request to the new plumber within the created
|
||
|
|
sandbox (if the sandbox has not already terminated).</p><p class="SHistory">Added in version 6.0.1.8 of package <span class="stt">sandbox-lib</span>.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>parameter</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._sandbox-make-environment-variables))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-environment-variables%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-environment-variables</a></span></span><span class="RktPn"></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="envvars.html#%28def._%28%28quote._~23~25kernel%29._environment-variables~3f%29%29" class="RktValLink" data-pltdoc="x">environment-variables?</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-make-environment-variables%29%29" class="RktValDef RktValLink" data-pltdoc="x">sandbox-make-environment-variables</a></span></span><span class="hspace"> </span><span class="RktVar">make</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">make</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="envvars.html#%28def._%28%28quote._~23~25kernel%29._environment-variables~3f%29%29" class="RktValLink" data-pltdoc="x">environment-variables?</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">A <a href="eval-model.html#%28tech._parameter%29" class="techoutside" data-pltdoc="x"><span class="techinside">parameter</span></a> that determines the procedure used to create the
|
||
|
|
<a href="envvars.html#%28tech._environment._variable._set%29" class="techoutside" data-pltdoc="x"><span class="techinside">environment variable set</span></a> for sandboxed evaluation. The
|
||
|
|
procedure is called when initializing an evaluator, and the default
|
||
|
|
parameter value constructs a new <a href="envvars.html#%28tech._environment._variable._set%29" class="techoutside" data-pltdoc="x"><span class="techinside">environment variable set</span></a> using
|
||
|
|
<span class="RktPn">(</span><span class="RktSym"><a href="envvars.html#%28def._%28%28quote._~23~25kernel%29._environment-variables-copy%29%29" class="RktValLink" data-pltdoc="x">environment-variables-copy</a></span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="envvars.html#%28def._%28%28quote._~23~25kernel%29._current-environment-variables%29%29" class="RktValLink" data-pltdoc="x">current-environment-variables</a></span><span class="RktPn">)</span><span class="RktPn">)</span>.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._default-language-readers))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._default-language-readers%29%29" class="RktValDef RktValLink" data-pltdoc="x">default-language-readers</a></span></span><span class="hspace"> </span><span class="RktVar">lang</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._listof%29%29" class="RktValLink" data-pltdoc="x">listof</a></span><span class="hspace"> </span><span class="RktSym"><a href="Module_Names_and_Loading.html#%28def._%28%28quote._~23~25kernel%29._module-path~3f%29%29" class="RktValLink" data-pltdoc="x">module-path?</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">lang</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="Module_Names_and_Loading.html#%28def._%28%28quote._~23~25kernel%29._module-path~3f%29%29" class="RktValLink" data-pltdoc="x">module-path?</a></span></td></tr></table></blockquote></div><div class="SIntrapara">Creates a default list of readers that should be allowed to produce a
|
||
|
|
module that uses <span class="RktVar">lang</span> as the language.</div></p><p>This default list includes the following (and more paths may be added
|
||
|
|
in the future):</p><ul><li><p><span class="RktVal">`</span><span class="RktVal">(</span><span class="RktVal">submod</span><span class="stt"> </span><span class="RktRdr">,</span><span class="RktVar">lang</span><span class="stt"> </span><span class="RktVal">reader</span><span class="RktVal">)</span></p></li><li><p><span class="RktVal">’</span><span class="RktVar">lang</span><span class="RktVal">/lang/reader</span> if <span class="RktVar">lang</span> is a symbol</p></li><li><p>the module path producing by adding the relative path <span class="RktVal">"lang/reader.rkt"</span>
|
||
|
|
to <span class="RktVar">lang</span> if <span class="RktVar">lang</span> is not a symbol</p></li><li><p><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">submod</span><span class="stt"> </span><span class="RktVal">at-exp</span><span class="stt"> </span><span class="RktVal">reader</span><span class="RktVal">)</span></p></li><li><p><span class="RktVal">'</span><span class="RktVal">at-exp/lang/reader</span></p></li></ul><p class="SHistory">Added in version 1.2 of package <span class="stt">sandbox-lib</span>.</p><h5 x-source-module="(lib "scribblings/reference/reference.scrbl")" x-source-pkg="racket-doc" x-part-tag=""Interacting_with_Evaluators"">14.12.3<tt> </tt><a name="(part._.Interacting_with_.Evaluators)"></a>Interacting with Evaluators</h5><p>The following functions are used to interact with a sandboxed
|
||
|
|
evaluator in addition to using it to evaluate code.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._evaluator-alive~3f))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._evaluator-alive~3f%29%29" class="RktValDef RktValLink" data-pltdoc="x">evaluator-alive?</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Determines whether the evaluator is still alive.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._kill-evaluator))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._kill-evaluator%29%29" class="RktValDef RktValLink" data-pltdoc="x">kill-evaluator</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Releases the resources that are held by <span clas
|
||
|
|
down the evaluator’s custodian. Attempting to use an evaluator after
|
||
|
|
killing raises an exception, and attempts to kill a dead evaluator are
|
||
|
|
ignored.</div></p><p>Killing an evaluator is similar to sending an <span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._eof%29%29" class="RktValLink" data-pltdoc="x">eof</a></span> value to
|
||
|
|
the evaluator, except that an <span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._eof%29%29" class="RktValLink" data-pltdoc="x">eof</a></span> value will raise an error
|
||
|
|
immediately.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._break-evaluator))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._break-evaluator%29%29" class="RktValDef RktValLink" data-pltdoc="x">break-evaluator</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Sends a break to the running evaluator. The effect of this is as if
|
||
|
|
Ctrl-C was typed when the evaluator is currently executing, which
|
||
|
|
propagates the break to the evaluator’s context.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._get-user-custodian))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-user-custodian%29%29" class="RktValDef RktValLink" data-pltdoc="x">get-user-custodian</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Retrieves the <span class="RktVar">evaluator</span>’s toplevel custodian. This returns a
|
||
|
|
value that is different from <span class="RktPn">(</span><span class="RktVar">evaluator</span><span class="stt"> </span><span class="RktVal">'</span><span class="RktVal">(</span><span class="RktVal">current-custodian</span><span class="RktVal">)</span><span class="RktPn">)</span>
|
||
|
|
or <span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-in-sandbox-context%29%29" class="RktValLink" data-pltdoc="x">call-in-sandbox-context</a></span><span class="stt"> </span><span class="RktVar">evaluator</span><span class="stt"> </span><span class="RktSym"><a href="custodians.html#%28def._%28%28quote._~23~25kernel%29._current-custodian%29%29" class="RktValLink" data-pltdoc="x">current-custodian</a></span><span class="RktPn">)</span> —<wbr></wbr> each
|
||
|
|
sandbox interaction is wrapped in its own custodian, which is what these
|
||
|
|
would return.</div></p><p>(One use for this custodian is with <span class="RktSym"><a href="garbagecollection.html#%28def._%28%28quote._~23~25kernel%29._current-memory-use%29%29" class="RktValLink" data-pltdoc="x">current-memory-use</a></span>, where
|
||
|
|
the per-interaction sub-custodians will not be charged with the memory
|
||
|
|
for the whole sandbox.)</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._set-eval-limits))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._set-eval-limits%29%29" class="RktValDef RktValLink" data-pltdoc="x">set-eval-limits</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span><span class="RktVar">secs</span><span class="hspace"> </span><span class="RktVar">mb</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">secs</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="number-types.html#%28def._%28%28quote._~23~25kernel%29._exact-nonnegative-integer~3f%29%29" class="RktValLink" data-pltdoc="x">exact-nonnegative-integer?</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">mb</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="number-types.html#%28def._%28%28quote._~23~25kernel%29._exact-nonnegative-integer~3f%29%29" class="RktValLink" data-pltdoc="x">exact-nonnegative-integer?</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Changes the per-expression limits that <span class="RktVar">evaluator</span> uses to
|
||
|
|
<span class="RktVar">secs</span> seconds of <a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> and <span class="RktVar">mb</span>
|
||
|
|
megabytes (either one can be <span class="RktVal">#f</span>, indicating no limit).</div></p><p>This procedure should be used to modify an existing evaluator limits,
|
||
|
|
because changing the <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span> parameter does not
|
||
|
|
affect existing evaluators. See also <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span>.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._set-eval-handler))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._set-eval-handler%29%29" class="RktValDef RktValLink" data-pltdoc="x">set-eval-handler</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span><span class="RktVar">handler</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">handler</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Changes the per-expression handler that the <span class="RktVar">evaluator</span> uses
|
||
|
|
around each interaction. A <span class="RktVal">#f</span> value means no handler is
|
||
|
|
used.</div></p><p>This procedure should be used to modify an existing evaluator handler,
|
||
|
|
because changing the <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-handlers%29%29" class="RktValLink" data-pltdoc="x">sandbox-eval-handlers</a></span> parameter does not
|
||
|
|
affect existing evaluators. See also
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-custodian-shutdown%29%29" class="RktValLink" data-pltdoc="x">call-with-custodian-shutdown</a></span> and
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-killing-threads%29%29" class="RktValLink" data-pltdoc="x">call-with-killing-threads</a></span> for two useful handlers that are
|
||
|
|
provided.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._call-with-custodian-shutdown))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-custodian-shutdown%29%29" class="RktValDef RktValLink" data-pltdoc="x">call-with-custodian-shutdown</a></span></span><span class="hspace"> </span><span class="RktVar">thunk</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">thunk</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._call-with-killing-threads))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-killing-threads%29%29" class="RktValDef RktValLink" data-pltdoc="x">call-with-killing-threads</a></span></span><span class="hspace"> </span><span class="RktVar">thunk</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">thunk</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">These functions are useful for use as an evaluation handler.
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-custodian-shutdown%29%29" class="RktValLink" data-pltdoc="x">call-with-custodian-shutdown</a></span> will execute the <span class="RktVar">thunk</span>
|
||
|
|
in a fresh custodian, then shutdown that custodian, making sure that
|
||
|
|
<span class="RktVar">thunk</span> could not have left behind any resources.
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-killing-threads%29%29" class="RktValLink" data-pltdoc="x">call-with-killing-threads</a></span> is similar, except that it kills
|
||
|
|
threads that were left, but leaves other resources as is.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._put-input))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._put-input%29%29" class="RktValDef RktValLink" data-pltdoc="x">put-input</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._output-port~3f%29%29" class="RktValLink" data-pltdoc="x">output-port?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="RktPn">(</span><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._put-input%29%29" class="RktValDef RktValLink" data-pltdoc="x">put-input</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span><span class="RktVar">i/o</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="void.html#%28def._%28%28quote._~23~25kernel%29._void~3f%29%29" class="RktValLink" data-pltdoc="x">void?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">i/o</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="bytestrings.html#%28def._%28%28quote._~23~25kernel%29._bytes~3f%29%29" class="RktValLink" data-pltd
|
||
|
|
created, then this procedure can be used to retrieve the output port
|
||
|
|
end of the pipe (when used with no arguments), or to add a string or a
|
||
|
|
byte string into the pipe. It can also be used with <span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._eof%29%29" class="RktValLink" data-pltdoc="x">eof</a></span>,
|
||
|
|
which closes the pipe.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._get-output))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-output%29%29" class="RktValDef RktValLink" data-pltdoc="x">get-output</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._input-port~3f%29%29" class="RktValLink" data-pltdoc="x">input-port?</a></span><span class="hspace"> </span><span class="RktSym"><a href="bytestrings.html#%28def._%28%28quote._~23~25kernel%29._bytes~3f%29%29" class="RktValLink" data-pltdoc="x">bytes?</a></span><span class="hspace"> </span><span class="RktSym"><a href="strings.html#%28def._%28%28quote._~23~25kernel%29._string~3f%29%29" class="RktValLink" data-pltdoc="x">string?</a></span><span class="RktPn">)</span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._get-error-output))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-error-output%29%29" class="RktValDef RktValLink" data-pltdoc="x">get-error-output</a></span></span><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="hspace"> </span><span class="RktSym"><a href="port-ops.html#%28def._%28%28quote._~23~25kernel%29._input-port~3f%29%29" class="RktValLink" data-pltdoc="x">input-port?</a></span><span class="hspace"> </span><span class="RktSym"><a href="bytestrings.html#%28def._%28%28quote._~23~25kernel%29._bytes~3f%29%29" class="RktValLink" data-pltdoc="x">bytes?</a></span><span class="hspace"> </span><span class="RktSym"><a href="strings.html#%28def._%28%28quote._~23~25kernel%29._string~3f%29%29" class="RktValLink" data-pltdoc="x">string?</a></span><span class="RktPn">)</span></td></tr><tr><td><spa
|
||
|
|
in a way that depends on the setting of <span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-output%29%29" class="RktValLink" data-pltdoc="x">sandbox-output</a></span><span class="RktPn">)</span> or
|
||
|
|
<span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-error-output%29%29" class="RktValLink" data-pltdoc="x">sandbox-error-output</a></span><span class="RktPn">)</span> when the evaluator was created:</div></p><ul><li><p>if it was <span class="RktVal">'</span><span class="RktVal">pipe</span>, then <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-output%29%29" class="RktValLink" data-pltdoc="x">get-output</a></span> returns the
|
||
|
|
input port end of the created pipe;</p></li><li><p>if it was <span class="RktVal">'</span><span class="RktVal">bytes</span> or <span class="RktVal">'</span><span class="RktVal">string</span>, then the result
|
||
|
|
is the accumulated output, and the output port is reset so each
|
||
|
|
call returns a different piece of the evaluator’s output (note
|
||
|
|
that results are available only until the evaluator has
|
||
|
|
terminated, and any allocations of the output are subject to
|
||
|
|
the sandbox memory limit);</p></li><li><p>otherwise, it returns <span class="RktVal">#f</span>.</p></li></ul><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._get-uncovered-expressions))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._get-uncovered-expressions%29%29" class="RktValDef RktValLink" data-pltdoc="x">get-uncovered-expressions</a></span></span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">evaluator</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span><span class="RktOpt">[</span></td><td valign="top"><span class="RktVar">prog?</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">src</span><span class="RktOpt">]</span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._listof%29%29" class="RktValLink" data-pltdoc="x">listof</a></span><span class="hspace"> </span><span class="RktSym"><a href="stxops.html#%28def._%28%28quote._~23~25kernel%29._syntax~3f%29%29" class="RktValLink" data-pltdoc="x">syntax?</a></span><span class="RktPn">)</span></td></tr></table></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">prog?</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span>=<span class="hspace"> </span><span class="RktVal">#t</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">src</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-coverage-enabled%29%29" class="RktValLink" data-pltdoc="x">sandbox-coverage-enabled</a></span> parameter had a true value when the
|
||
|
|
evaluator was created. Otherwise, an exception is raised to indicate
|
||
|
|
that no coverage information is available.</div></p><p>The <span class="RktVar">prog?</span> argument specifies whether to obtain expressions that
|
||
|
|
were uncovered after only the original input program was evaluated
|
||
|
|
(<span class="RktVal">#t</span>) or after all later uses of the evaluator (<span class="RktVal">#f</span>).
|
||
|
|
Using <span class="RktVal">#t</span> retrieves a list that is saved after the input
|
||
|
|
program is evaluated, and before the evaluator is used, so the result is
|
||
|
|
always the same.</p><p>A <span class="RktVal">#t</span> value of <span class="RktVar">prog?</span> is useful for testing student
|
||
|
|
programs to find out whether a submission has sufficient test coverage
|
||
|
|
built in. A <span class="RktVal">#f</span> value is useful for writing test suites for a
|
||
|
|
program to ensure that your tests cover the whole code.</p><p>The second optional argument, <span class="RktVar">src</span>, specifies that the result
|
||
|
|
should be filtered to hold only <a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax objects</span></a> whose source
|
||
|
|
matches <span class="RktVar">src</span>. The default is the source that was used in the
|
||
|
|
program code, if there was one. Note that <span class="RktVal">'</span><span class="RktVal">program</span> is used as
|
||
|
|
the source value if the input program was given as S-expressions or as a
|
||
|
|
string (and in these cases it will be the default for filtering). If given
|
||
|
|
<span class="RktVal">#f</span>, the result is the unfiltered list of expressions.</p><p>The resulting list of <a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax objects</span></a> has at most one expression
|
||
|
|
for each position and span. Thus, the contents may be unreliable, but
|
||
|
|
the position information is reliable (i.e., it always indicates source
|
||
|
|
code that would be painted red in DrRacket when coverage information
|
||
|
|
is used).</p><p>Note that if the input program is a sequence of syntax values, either
|
||
|
|
make sure that they have <span class="RktVal">'</span><span class="RktVal">program</span> as the source field, or use
|
||
|
|
the <span class="RktVar">src</span> argument. Using a sequence of S-expressions (not
|
||
|
|
<a href="syntax-model.html#%28tech._syntax._object%29" class="techoutside" data-pltdoc="x"><span class="techinside">syntax objects</span></a>) for an input program leads to unreliable
|
||
|
|
coverage results, since each expression may be assigned a single
|
||
|
|
source location.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><table cellspacing="0" cellpadding="0" class="prototype RForeground"><tr><td valign="top"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._call-in-sandbox-context))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-in-sandbox-context%29%29" class="RktValDef RktValLink" data-pltdoc="x">call-in-sandbox-context</a></span></span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">evaluator</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktVar">thunk</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span></td></tr><tr><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="hspace"> </span><span class="RktOpt">[</span></td><td valign="top"><span class="RktVar">unrestricted?</span><span class="RktOpt">]</span><span class="RktPn">)</span></td><td valign="top"><span class="hspace"> </span></td><td valign="top">→</td><td valign="top"><span class="hspace"> </span></td><td valign="top"><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span></td></tr></table></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">evaluator</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span><span class="hspace"> </span><span class="RktPn">. </span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="RktPn"> .</span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">thunk</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">unrestricted?</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span><span class="hspace"> </span>=<span class="hspace"> </span><span cla
|
||
|
|
evaluator. The call is performed under the resource limits and
|
||
|
|
evaluation handler that are used for evaluating expressions, unless
|
||
|
|
<span class="RktVar">unrestricted?</span> is specified as true.</div></p><p>This process is usually similar to <span class="RktPn">(</span><span class="RktVar">evaluator</span><span class="stt"> </span><span class="RktPn">(</span><span class="RktSym"><a href="pairs.html#%28def._%28%28quote._~23~25kernel%29._list%29%29" class="RktValLink" data-pltdoc="x">list</a></span><span class="stt"> </span><span class="RktVar">thunk</span><span class="RktPn">)</span><span class="RktPn">)</span>,
|
||
|
|
except that it does not rely on the common meaning of a sexpr-based
|
||
|
|
syntax with list expressions as function application (which is not true
|
||
|
|
in all languages). Note that this is more useful for meta-level
|
||
|
|
operations such as namespace manipulation, it is not intended to be used
|
||
|
|
as a safe-evaluation replacement (i.e., using the sandbox evaluator as
|
||
|
|
usual).</p><p><div class="SIntrapara">In addition, you can avoid some of the sandboxed restrictions by using
|
||
|
|
your own permissions, for example,
|
||
|
|
</div><div class="SIntrapara"><blockquote class="SCodeFlow"><table cellspacing="0" cellpadding="0" class="RktBlk"><tr><td><span class="RktPn">(</span><span class="RktSym"><a href="let.html#%28form._%28%28lib._racket%2Fprivate%2Fletstx-scheme..rkt%29._let%29%29" class="RktStxLink" data-pltdoc="x">let</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">[</span><span class="RktSym">guard</span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="securityguards.html#%28def._%28%28quote._~23~25kernel%29._current-security-guard%29%29" class="RktValLink" data-pltdoc="x">current-security-guard</a></span><span class="RktPn">)</span><span class="RktPn">]</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-in-sandbox-context%29%29" class="RktValLink" data-pltdoc="x">call-in-sandbox-context</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktSym">ev</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="lambda.html#%28form._%28%28lib._racket%2Fprivate%2Fbase..rkt%29._lambda%29%29" class="RktStxLink" data-pltdoc="x">lambda</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="parameters.html#%28form._%28%28lib._racket%2Fprivate%2Fmore-scheme..rkt%29._parameterize%29%29" class="RktStxLink" data-pltdoc="x">parameterize</a></span><span class="hspace"> </span><span class="RktPn">(</span><span class="RktPn">[</span><span class="RktSym"><a href="securityguards.html#%28def._%28%28quote._~23~25kernel%29._current-security-guard%29%29" class="RktValLink" data-pltdoc="x">current-security-guard</a></span><span class="hspace"> </span><span class="RktSym">guard</span><span class="RktPn">]</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktCmt">;</span><span class="RktCmt"> </span><span class="RktCmt">can access anything you want here</span></td></tr><tr><td><span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="Filesystem.html#%28def._%28%28quote._~23~25kernel%29._delete-file%29%29" class="RktValLink" data-pltdoc="x">delete-file</a></span><span class="hspace"> </span><span class="RktVal">"/some/file"</span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span><span class="RktPn">)</span></td></tr></table></blockquote></div></p><h5 x-source-module="(lib "scribblings/reference/reference.scrbl")" x-source-pkg="racket-doc" x-part-tag=""Miscellaneous"">14.12.4<tt> </tt><a name="(part._.Miscellaneous)"></a>Miscellaneous</h5><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>value</p></div></div><p class="RForeground"><a name="(def._((lib._racket/sandbox..rkt)._gui~3f))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._gui~3f%29%29" class="RktValDef RktValLink" data-pltdoc="x">gui?</a></span></span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr></table></blockquote></div><div class="SIntrapara">For backward compatibility, only: the re
|
||
|
|
at the time that <a href="Sandboxed_Evaluation.html" class="RktModLink" data-pltdoc="x"><span class="RktSym">racket/sandbox</span></a> was instantiated.</div></p><p>The value of <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._gui~3f%29%29" class="RktValLink" data-pltdoc="x">gui?</a></span> is no longer used by
|
||
|
|
<a href="Sandboxed_Evaluation.html" class="RktModLink" data-pltdoc="x"><span class="RktSym">racket/sandbox</span></a> itself. Instead,
|
||
|
|
<span class="RktSym"><a href="https://download.racket-lang.org/releases/8.6/doc/local-redirect/index.html?doc=gui&rel=Dynamic_Loading.html%23%2528def._%2528%2528lib._racket%252Fgui%252Fdynamic..rkt%2529._gui-available%7E3f%2529%2529&version=8.6" class="RktValLink Sq" data-pltdoc="x">gui-available?</a></span> and <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-gui-available%29%29" class="RktValLink" data-pltdoc="x">sandbox-gui-available</a></span> are
|
||
|
|
checked at the time that a sandbox evaluator is created.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._call-with-limits))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValDef RktValLink" data-pltdoc="x">call-with-limits</a></span></span><span class="hspace"> </span><span class="RktVar">secs</span><span class="hspace"> </span><span class="RktVar">mb</span><span class="hspace"> </span><span class="RktVar">thunk</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">secs</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="number-types.html#%28def._%28%28quote._~23~25kernel%29._exact-nonnegative-integer~3f%29%29" class="RktValLink" data-pltdoc="x">exact-nonnegative-integer?</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">mb</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktSym"><a href="number-types.html#%28def._%28%28quote._~23~25kernel%29._exact-nonnegative-integer~3f%29%29" class="RktValLink" data-pltdoc="x">exact-nonnegative-integer?</a></span><span class="hspace"> </span><span class="RktVal">#f</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">thunk</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Executes the given <span class="RktVar">thunk</span> with memory and time restrictions:
|
||
|
|
if execution consumes more than <span class="RktVar">mb</span> megabytes or more than
|
||
|
|
<span class="RktVar">secs</span> <a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> seconds, then the computation is
|
||
|
|
aborted and an exception recognizable by <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3aresource~3f%29%29" class="RktValLink" data-pltdoc="x">exn:fail:resource?</a></span> is raised. Otherwise, the result of
|
||
|
|
the thunk is returned as usual (a value, multiple values, or an
|
||
|
|
exception). Each of the two limits can be <span class="RktVal">#f</span> to indicate the
|
||
|
|
absence of a limit. See also <span class="RktSym"><a href="custodians.html#%28def._%28%28quote._~23~25kernel%29._custodian-limit-memory%29%29" class="RktValLink" data-pltdoc="x">custodian-limit-memory</a></span> for
|
||
|
|
information on memory limits.</div></p><p>To enforce limits, <span class="RktVar">thunk</span> is run in a new thread. As usual,
|
||
|
|
the new thread starts with the same parameter values as the one that
|
||
|
|
calls <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span>. <span class="emph">Not</span> as usual, parameter values
|
||
|
|
from the thread used to run <span class="RktVar">thunk</span> are copied back to the
|
||
|
|
thread that called <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span> when <span class="RktVar">thunk</span>
|
||
|
|
completes.</p><p>Sandboxed evaluators use <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span>, according to the
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._sandbox-eval-limits%29%29" class="RktValLink" data-pltdoc="x">sandbox-eval-limits</a></span> setting and uses of
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._set-eval-limits%29%29" class="RktValLink" data-pltdoc="x">set-eval-limits</a></span>: each expression evaluation is protected from
|
||
|
|
timeouts and memory problems. Use <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span> directly
|
||
|
|
only to limit a whole testing session, instead of each expression.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>syntax</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(form._((lib._racket/sandbox..rkt)._with-limits))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28form._%28%28lib._racket%2Fsandbox..rkt%29._with-limits%29%29" class="RktStxDef RktStxLink" data-pltdoc="x">with-limits</a></span></span><span class="hspace"> </span><span class="RktVar">sec-expr</span><span class="hspace"> </span><span class="RktVar">mb-expr</span><span class="hspace"> </span><span class="RktVar">body</span><span class="hspace"> </span><span class="RktMeta">...</span><span class="RktPn">)</span></p></blockquote></td></tr></table></blockquote></div><div class="SIntrapara">A macro version of <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span>.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._call-with-deep-time-limit))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-deep-time-limit%29%29" class="RktValDef RktValLink" data-pltdoc="x">call-with-deep-time-limit</a></span></span><span class="hspace"> </span><span class="RktVar">secs</span><span class="hspace"> </span><span class="RktVar">thunk</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">secs</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="number-types.html#%28def._%28%28quote._~23~25kernel%29._exact-nonnegative-integer~3f%29%29" class="RktValLink" data-pltdoc="x">exact-nonnegative-integer?</a></span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">thunk</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="function-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._-~3e%29%29" class="RktStxLink" data-pltdoc="x"><span class="nobreak">-></span></a></span><span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28form._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%29%29" class="RktStxLink" data-pltdoc="x">any</a></span><span class="RktPn">)</span></td></tr></table></blockquote></div><div class="SIntrapara">Executes the given <span class="RktVar">thunk</span> with <a href="Sandboxed_Evaluation.html#%28tech._deep._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">deep time</span></a> restrictions,
|
||
|
|
and returns the values produced by <span class="RktVar">thunk</span>.</div></p><p>The given <span class="RktVar">thunk</span> is run in a new thread. If it errors or if
|
||
|
|
the thread terminates returning a value, then <span class="RktPn">(</span><span class="RktSym"><a href="values.html#%28def._%28%28quote._~23~25kernel%29._values%29%29" class="RktValLink" data-pltdoc="x">values</a></span><span class="RktPn">)</span> is
|
||
|
|
returned.</p><p class="SHistory">Changed in version 1.1 of package <span class="stt">sandbox-lib</span>: Changed to return <span class="RktVar">thunk</span>’s result
|
||
|
|
if it completes normally.</p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>syntax</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(form._((lib._racket/sandbox..rkt)._with-deep-time-limit))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28form._%28%28lib._racket%2Fsandbox..rkt%29._with-deep-time-limit%29%29" class="RktStxDef RktStxLink" data-pltdoc="x">with-deep-time-limit</a></span></span><span class="hspace"> </span><span class="RktVar">secs-expr</span><span class="hspace"> </span><span class="RktVar">body</span><span class="hspace"> </span><span class="RktMeta">...</span><span class="RktPn">)</span></p></blockquote></td></tr></table></blockquote></div><div class="SIntrapara">A macro version of <span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-deep-time-limit%29%29" class="RktValLink" data-pltdoc="x">call-with-deep-time-limit</a></span>.</div></p><p><div class="SIntrapara"><blockquote class="SVInsetFlow"><table cellspacing="0" cellpadding="0" class="boxed RBoxed"><tr><td><blockquote class="SubFlow"><div class="RBackgroundLabel SIEHidden"><div class="RBackgroundLabelInner"><p>procedure</p></div></div><p class="RForeground"><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._exn~3afail~3aresource~3f))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3aresource~3f%29%29" class="RktValDef RktValLink" data-pltdoc="x">exn:fail:resource?</a></span></span><span class="hspace"> </span><span class="RktVar">v</span><span class="RktPn">)</span><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktSym"><a href="booleans.html#%28def._%28%28quote._~23~25kernel%29._boolean~3f%29%29" class="RktValLink" data-pltdoc="x">boolean?</a></span></p></blockquote></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">v</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fprivate%2Fmisc..rkt%29._any%2Fc%29%29" class="RktValLink" data-pltdoc="x">any/c</a></span></td></tr><tr><td><span class="RktPn">(</span><a name="(def._((lib._racket/sandbox..rkt)._exn~3afail~3aresource-resource))"></a><span title="Provided from: racket/sandbox | Package: sandbox-lib"><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3aresource-resource%29%29" class="RktValDef RktValLink" data-pltdoc="x">exn:fail:resource-resource</a></span></span><span class="hspace"> </span><span class="RktVar">exn</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span>→<span class="hspace"> </span><span class="RktPn">(</span><span class="RktSym"><a href="data-structure-contracts.html#%28def._%28%28lib._racket%2Fcontract%2Fbase..rkt%29._or%2Fc%29%29" class="RktValLink" data-pltdoc="x">or/c</a></span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">time</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">memory</span><span class="hspace"> </span><span class="RktVal">'</span><span class="RktVal">deep-time</span><span class="RktPn">)</span></td></tr><tr><td><span class="hspace"> </span><span class="RktVar">exn</span><span class="hspace"> </span>:<span class="hspace"> </span><span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._exn~3afail~3aresource~3f%29%29" class="RktValLink" data-pltdoc="x">exn:fail:resource?</a></span></td></tr></table></blockquo
|
||
|
|
<span class="RktSym"><a href="Sandboxed_Evaluation.html#%28def._%28%28lib._racket%2Fsandbox..rkt%29._call-with-limits%29%29" class="RktValLink" data-pltdoc="x">call-with-limits</a></span>. The <span class="RktSym">resource</span> field holds a
|
||
|
|
symbol, representing the resource that was expended. <span class="RktVal">'</span><span class="RktVal">time</span> is
|
||
|
|
used for <a href="Sandboxed_Evaluation.html#%28tech._shallow._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">shallow time</span></a> and <span class="RktVal">'</span><span class="RktVal">deep-time</span> is used for
|
||
|
|
<a href="Sandboxed_Evaluation.html#%28tech._deep._time%29" class="techoutside" data-pltdoc="x"><span class="techinside">deep time</span></a>.</div></p><div class="navsetbottom"><span class="navleft"><form class="searchform"><input class="searchbox" id="searchbox" type="text" tabindex="1" placeholder="...search manuals..." title="Enter a search string to search the manuals" onkeypress="return DoSearchKey(event, this, "8.6", "../");"/></form> <a href="https://docs.racket-lang.org/index.html" title="up to the documentation top" data-pltdoc="x" onclick="return GotoPLTRoot("8.6");">top</a><span class="tocsettoggle"> <a href="javascript:void(0);" title="show/hide table of contents" onclick="TocsetToggle();">contents</a></span></span><span class="navright"> <a href="plumbers.html" title="backward to "14.11 Plumbers"" data-pltdoc="x">← prev</a> <a href="security.html" title="up to "14 Reflection and Security"" data-pltdoc="x">up</a> <a href="repl-module.html" title="forward to "14.13 The racket/repl Library"" data-pltdoc="x">next →</a></span> </div></div></div><div id="contextindicator"> </div></body></html>
|