POV-Ray : Newsgroups : povray.pov4.discussion.general : Reviving some pov4 discussion : Re: Reviving some pov4 discussion Server Time
24 Sep 2022 14:54:52 EDT (-0400)
  Re: Reviving some pov4 discussion  
From: scott
Date: 15 Dec 2015 04:02:36
Message: <566fd72c$1@news.povray.org>
>> I've got a good scene:
>>
>> scene += Cone( {0,0,0},{0,1,0}, 2);
>> std::remove("some important file");
>>
>> Is there any way to limit what damage a compiled C++ program can do?
>
> Absolutely.
>
> If by "compiled" you really do mean "compiled", it's as easy as
> permitting only linkage to a tightly controlled set of libraries, of
> which you know that they can't possibly do any harm (which may require
> providing a custom runtime library).

That sounds a lot of work, with still a small risk of someone finding a 
loophole to do something bad in their scene.

> If by "compiled" you actually mean "built", i.e. compiled /and/ linked,
> it's as "easy" as running the program in a virtual machine.

Sounds a lot of work too, so that it's transparent to the casual user 
that the scene is being rendered in a virtual machine.


Post a reply to this message

Copyright 2003-2021 Persistence of Vision Raytracer Pty. Ltd.